Back in October 2013, we said in a new entry on "the php.net malware issue" [1]
> We will provide a full post mortem in due course, most likely next week. Whatever happened to this "full post mortem"? [1] http://php.net/archive/2013.php#id2013-10-24-2