No news is good news. No issues, just precautions.
This does bring up the issue of security. PHP appears to be quite exploitable. Sure, code in any language can usually be made to do things unexpected if fed unanticipated input, and the input is not correctly scrubbed.
Just as a precaution, it looks like running PHP based sites ought to be done in terms of virtual machines without write access to local storage. This is a little extreme, but it might be necesary in the event that PHP is hard to lock down.
Not bashing PHP here. Just looks like there are holes that need to be plugged, or tools to enable plugging of holes in it. Perl has taint mode, and can be really picky about things. Maybe PHP should steal that as well from Perl.