TYPO3 Core

Since Typo3 4.5.4 if a website is called the first time in the browser (= php tries to set the session cookie PHPSESSID the first time) all links are appended wit a URL Parameter "?PHPSESSID=xxxx"
It seems that this is the "default" behaviour of php if php does not know if a session cookie could be set. However this does not happen if I change the Typo3 version of this website back to 4.5.3.
This happens without login in backend or frontend and with all browsers I testes (= Firefox, IE, Safari, Opera, Chrome)

Ways to reproduce:
1) Change typo3_src to 4.5.4
2) Delete all session cookies in the browser before loading the URL
3) Load the URL -> All links are appended with PHPSESSID parameter, after reload of the page the Parameter dissappears (as the cookie is set now), if I deactivate cookies the PHPSESSID Parameter is added permanently.
4) Change typo3_src to 4.5.3
5) Delete all session cookies in the browser before loading the URL
6) Load the URL -> NO PHPSESSID parameter

This is a big problem from my point of view because the links with the PHPSESSID also appear in search engine result links. And the HTML does not validate with this Link Parameters.

I found the following report of another user reporting this issue: http://old.nabble.com/after-typo3-upgrade-to-4.5.4-PHPSESSID-is-shown-in-browser-url-td32192989.html