We just released new versions of XAMPP for Windows, OS X and Linux. This is a security release to fix libpng https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 for OS X and Linux versions. This issue allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (image header) chunk in a PNG image.
The libpng version has not been upgraded for Windows yet. We use the official PHP compiled binaries for Windows and the current versions use a previous libpng. We will release a new XAMPP version as soon as it is available.
You can check the libpng version with the following commands:
Linux: /opt/lampp/bin/libpng-config --version
OS X: /Applications/XAMPP/xamppfiles/bin/libpng-config --version
The non vulnerable version is 1.5.24.
You can download new versions at http://www.apachefriends.org/download.html.