Well if there were anywhere near as many people writing Python as PHP, especially on cheap shared hosting plans you would probably see just as much crap in Python. The fact that Python (and many others) possess a relatively high barrier to entry drastically cuts down on the likelihood of this IMHO. I mean, would you want to regularly use or browse a site written with Python CGI compared to the relative speed of PHP? Most people don't, so PHP is used.
If mod_(python|perl|ruby|etc) were as prevalent as mod_php there'd be travesties such as this in them too. Now if you want to argue that higher barrier to entry is a good thing, and/or mod_php shouldn't be deployed all over on shared hosts, I think that's a different topic.
That explains why there's such a multitude of such problems in various PHP programs -- and there is a huge number and variety -- but not why a library used by respected PHP software projects would have that kind of problem.# Ian Bicking
Agreed -- I was addressing the larger point of the overall quality level of most PHP code out there. But as mentioned above by jfj, this is hardly the exclusive domain of PHP - libpng had a huge hole[s], and check out the vendor list of products that lib made it into: http://www.kb.cert.org/vuls/id/388984 Yikes!# ToddG