My server admin tells me PHP 5.2 has been EOLed and so receives no bug fixes. This is obviously the case. He also tells me that 5.2 receives no security patches, which suggests we should upgrade to 5.3 ASAP.
However, a programmer I respect tells me that while PHP 5.2 has been EOLed for bug fixes, it is still very much supported insofar as security exploits are concerned - at least till 2012.
I've searched stackoverflow and google high and low but have come up with no answers to this elementary question.
Anyone care to inform my ignorance?
From: http://www.php.net/archive/2010.php#id2010-07-22-1
This release marks the end of the active support for PHP 5.2. Following this release the PHP 5.2 series will receive no further active bug maintenance. Security fixes for PHP 5.2 might be published on a case by cases basis.
Since then we've seen 3 more releases of 5.2 series focusing mostly on security patches. As far as I know there is no guarantee that such patches will be published until 2012.