PHP 7.2 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.2.1 is not recommended. PHP 7.2.34 is the latest version in the series.
Downloads
Source Code
Git Clone
Use Git to clone the 7.2.1 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.2.1
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
php-7.2.1-x64NTS.zip (24.33 MiB)
php-7.2.1-x86NTS.zip (22.7 MiB)
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.
php-7.2.1-x64TS.zip (24.48 MiB)
php-7.2.1-x86TS.zip (22.77 MiB)
Docker/Podman Containers
PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.2.1-cli-alpine
Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.2.1-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.2.1-fpm-alpine
Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.2.1-apache
Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.2.1-fpm
ChangeLog
Core
- Fixed bug #75573 (Segmentation fault in 7.1.12 and 7.0.26).
- Fixed bug #75384 (PHP seems incompatible with OneDrive files on demand).
- Fixed bug #75525 (Access Violation in vcruntime140.dll).
- Fixed bug #74862 (Unable to clone instance when private __clone defined).
- Fixed bug #75074 (php-process crash when
is_file()
is used with strings longer 260 chars). - Fixed bug #69727 (Remove timestamps from build to make it reproducible).
CLI server
- Fixed bug #73830 (Directory does not exist).
FPM
- Fixed bug #64938 (libxml_disable_entity_loader setting is shared between requests).
GD
- Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx).
Opcache
- Fixed bug #75608 ("Narrowing occurred during type inference" error).
- Fixed bug #75579 (Interned strings buffer overflow may cause crash).
- Fixed bug #75570 ("Narrowing occurred during type inference" error).
- Fixed bug #75681 (Warning: Narrowing occurred during type inference, specific case).
- Fixed bug #75556 (Invalid opcode 138/1/1).
PCRE
- Fixed bug #74183 (preg_last_error not returning error code after error).
Phar
- Fixed bug #74782 (remove file name from output to avoid XSS).
Standard
- Fixed bug #75511 (fread not free unused buffer).
- Fixed bug #75514 (mt_rand returns value outside [$min,$max]+ on 32-bit)
- Fixed bug #75535 (Inappropriately parsing HTTP response leads to PHP segment fault).
- Fixed bug #75409 (accept EFAULT in addition to ENOSYS as indicator that
getrandom()
is missing). - Fixed bug #73124 (
php_ini_scanned_files()
not reporting correctly). - Fixed bug #75574 (putenv does not work properly if parameter contains non-ASCII unicode character).
Zip
- Fixed bug #75540 (Segfault with libzip 1.3.1).
Commit List
Anatol Belski
- Fixed #75384 PHP seems incompatible with OneDrive files on demand in c6720e2f45
- Fix uninitialized flag when JIT is disabled in 3c241ea326
- Fix UTF check in pcre_grep in 0d13323915
- update NEWS in 4615fcf24d
- Fixed bug #75525 Access Violation in vcruntime140.dll in 020fdfd55d
- Regenerate cp map in c94d091889
- Add missing var declarations for phpize mode in 5b28218cc6
- Fix C++ compatibility for TSRM_TLS in 0e5d4ea555
- Refine allocation in 6f41ca4de1
- Update SDK version for AppVeyor in 1ed08f9877
- Fix normalized path length calculation and error handling in 34b19387c2
- Fixed bug #75574 putenv does not work properly if parameter contains non-ASCII unicode character in 2b7d283cc5
- Fix memory leak in 2868ff84df
- Fix allocation in 06202f0feb
- Fixed bug #73830 Directory does not exist in 578049fdb6
- Follow up on bug #75574 for FCGI side in 8b57a5bca0
- Fix macro redefinition warnings in 23d2bd3748
- Revert "Fix macro redefinition warnings" in b6a27c7332
- Consider Xdebug for tmi ini generation, too in 958fdc997c
- Fix compat with libcurl 7.56.1+ and file:// wrapper in aaf00ae0a9
- Use dtor unconditionally in error case in 0eb262eacb
- 7.0.28 is next in 484c11a541
- Fixed bug #75601 Thread race in PCRE JIT support in 31b2b14a71
- Fixed bug #75601 Thread race in PCRE JIT support in 75a2ee7f7b
- Fix use after free revealed by phpdbg in 092fd44474
- Fix yet one data race in PCRE in 1b29dc0b1c
- Add vc++ 19.12 to the known list in 2d7bea0462
- Sync known vc++ versions in 7.1 in f749448fc6
Andy Postnikov
- Fix
ZEND_SIGNED_MULTIPLY_LONG
for AArch64 in d6d4f2a9b3
Christoph M. Becker
- Fixed bug #75571: Potential infinite loop in gdImageCreateFromGifCtx in 3b50e238b2
DanielCiochiu
- Fixed #74862: Unable to clone instance when private __clone defined in dba5a798a2
Derick Rethans
- Fixed
ext/date
tests due to changes in Olson database in ca0bcf535c - Fixed
ext/date
tests due to changes in Olson database in ba9df1cff6 - Revert "date module, replacing abs call with the llabs's like one due to bigger type" in 466a34d67c
Dmitry Stogov
- Fixed assertion on phpMyAdmin-4.7.5 home page in b6294bbc6c
- typo in 2a6a1fd22c
- Fixed bug in type inference in 776bef8447
- Set trailing zero in 24d5adbd5a
- Fixed bug #75608 ("Narrowing occurred during type inference" error) in 5934bff913
- Fixed bug #75579 (Interned strings buffer overflow may cause crash) in 841e7a1922
Frank Denis
ext/sodium
: pwhash: do not warn on low parameters in c219991c77ext/sodium
: throw exceptions instead of errors in c05cbd1e77- Revert "
ext/sodium
: throw exceptions instead of errors" in 31d221f9c7 - Revert "
ext/sodium
: pwhash: do not warn on low parameters" in a1845b7fdb - Revert "Revert "
ext/sodium
: pwhash: do not warn on low parameters"" in fc8793499a
Joe Watkins
- bump versions in 3be6810385
johnstevenson
- Fixed #73124:
php_ini_scanned_files()
in 6ed242dfc8
krakjoe
- bump versions in 71a460ba7e
Lior Kaplan
- Define floorf if system doesn't have it (follow up for 22c48761) in 32e3d7b99e
Michael Heimpold
- ext/imap/config.m4: fix ac_cv_u8t_decompose check in 1b10e6318b
Nester
- Fixed #75539 and #74183 - preg_last_error not returning error code after error in 8fdef981ef
Nikita Popov
- Backport some
printf()
fixes to 7.2 in 95e9cc2871 - Fix printf format issues on i386 in 1310234aa3
- Fixed bug #75535 in 0e097f2c96
Remi Collet
- Fixed bug #75514 mt_rand returns value outside [$min,$max]+ on 32-bit in e704e1e8c2
- NEWS in 3dbe8dd16f
- NEWS in 8c73c9a150
- next version is 7.2.1 in 704bcd385f
- NEWS in 4764574910
- fix bug #75540 Segfault with libzip 1.3.1 in de47d4792f
- NEWS in 8832c46607
- NEWS in 50a867eb07
- NEWS in 045e0fc0c7
- Better fix bug #75540 Segfault with libzip 1.3.1 in 702ef27364
- add 7.1 NEW entries in 0dbb327d70
- Prepare NEWS file for release in 51404ad063
- drop -dev from Zend version in 391d889f2c
- better fix for #75514 in 2b07102897
- Fixed bug #64938 libxml_disable_entity_loader setting is shared between requests (FPM) in 8e5b9532da
- NEWS in 26656684ea
- NEWS in 2873316d1d
- NEWS in 7c043fff53
Sammy Kaye Powers
- Fix bug 60471 by correctly identifying unused speculative preconnections in 3bc5c9f118
- Update NEWS in a5206bc690
Sara Golemon
- Bugfix#75515 php://streams behaving greedily in 0a45e8f096
- Prepare NEWS for 7.2.1 final in 8c26020579
- NEWS entries for latest cherry picks in 13e2cbebb8
Scott
- Fix bug #75409 in 269d160159
Sebastian Ramadan
- Check for binary_location allocation failure in 7e0feb8856
Stanislav Malyshev
- Fix bug #74782: remove file name from output to avoid XSS in c269b10423
Tyson Andre
- Fix typo in UPGRADING, should be oci_unregister_taf_callback in 9379b319b0
Xinchen Hui
- Fixed bug #75511 (fread not free unused buffer) in 1c1df0d937
- Update NEWS in 1ab03bc316
- Avoid overflow in c718fd16a1
- Fixed bug #75556 (Invalid opcode 138/1/1) in c412b8b384
- Improved fix in 9d02227243
- Update NEWs (added bug entry) in ee9e32caca
- Update NEWS in c52900d7f0
- Fixed bug #75573 (Segmentation fault in 7.1.12 and 7.0.26) in 3b9ba7b6bd
- Update NEWS in 17338ddb48
- Fixed bug #75573 (Segmentation fault in 7.1.12 and 7.0.26) in d4dee4a614