PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.11 is not recommended. PHP 7.3.33 is the latest version in the series.
Downloads
Source Code
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.11
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Docker/Podman Containers
docker pull php:7.3.11-cli-alpine
docker pull php:7.3.11-cli
docker pull php:7.3.11-fpm-alpine
docker pull php:7.3.11-apache
docker pull php:7.3.11-fpm
ChangeLog
Core
- Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
- Fixed bug #78620 (Out of memory error).
Exif
- Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
FPM
- Fixed bug #78599 (env_path_info underflow in
fpm_main.c
can lead to RCE). (CVE-2019-11043) - Fixed bug #78413 (request_terminate_timeout does not take effect after fastcgi_finish_request).
MBString
- Fixed bug #78633 (Heap buffer overflow (read) in
mb_eregi
). - Fixed bug #78579 (
mb_decode_numericentity
: args number inconsistency). - Fixed bug #78609 (
mb_check_encoding()
no longer supports stringable objects).
MySQLi
- Fixed bug #76809 (SSL settings aren't respected when persistent connections are used).
Mysqlnd
- Fixed bug #78525 (Memory leak in pdo when reusing native prepared statements).
PCRE
- Fixed bug #78272 (calling
preg_match()
beforepcntl_fork()
will freeze child process).
PDO_MySQL
- Fixed bug #78623 (Regression caused by "SP call yields additional empty result set").
Session
- Fixed bug #78624 (session_gc return value for user defined session handlers).
Standard
- Fixed bug #76342 (file_get_contents waits twice specified timeout).
- Fixed bug #78612 (strtr leaks memory when integer keys are used and the subject string shorter).
- Fixed bug #76859 (
stream_get_line
skips data if used with data-generating filter).
Zip
- Fixed bug #78641 (addGlob can modify given remove_path value).
Commit List
Brent Shaffer
- fix #78624: session_gc return value for user defined session handlers in a6d219630c
bugreportuser
- Fix #78535: auto_detect_line_endings value not parsed as bool in fdcca93056
Christoph M. Becker
- PHP 7.3.10RC1 has been tagged in cf31210f29
- Fix exif build in 31f617d9bc
- Stick with
zend_long
for ABI compatibility in 81cefab7b0 - Fix #78579:
mb_decode_numericentity
: args number inconsistency in 398b308316 - Fix test to be skipped if dom is not available in 697945aa89
- Fix NEWS entry in ed099ab186
- Fix #78559: Heap buffer overflow in
mb_eregi
in 8f949eba80 - Update NEWS in 7530938670
- Fix
skipif
.inc in 115f6effec - Fix build for libzip < 0.11.2 in f6bfbe9553
- Fix #78609:
mb_check_encoding()
no longer supports stringable objects in 45db6fa567 - Fix #78620: Out of memory error in 8ce04df7e0
- Revert "Fix #78620: Out of memory error" in f2fb37a772
- Fix #78620: Out of memory error in abaf9a76dc
- Split intl tests for ICU 65 in 545412a6cd
- Fix #78623: Regression caused by "SP call yields additional empty result set" in 114c03b9a6
- Fix #78641: addGlob can modify given remove_path value in fd3118ffb0
- Prepare 7.3.11RC1 in 12cca48ff6
- Fix #78633: Heap buffer overflow (read) in
mb_eregi
in 126018250e - Prepare PHP 7.3.11 in 335008f6b2
CJDennis
- Fix typo in e3255a4f49
Derick Rethans
- Updated to version 2019.3 (2019c) in 0505fbf2e5
Dmitry Stogov
- Fixed test that "fails" from time to time in 2fcb5eadbb
- Fixed test that "fails" from time to time in 3124129ca8
Drakano
- Add tilde to allowed status/ping path in 252ebce0d7
Fabien Villepinte
- Fix
SKIPIF
inext/mysqli
in 37d27e666a - Add missing skip keyword in tests in 209e37db7d
fancyweb
- Fix #76342: file_get_contents waits twice specified timeout in e691a98c1f
Fábio Souto
- Fix bug #76809 (SSL settings aren't respected when persistent connection is reused) in 9a2b42a5c1
Jakub Zelenka
- Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043) in 19e17d3807
Jinesh Patel
- Fix length of key passed to
zend_hash_str_find_ptr
in 0d6c2448a7 - Fix hash key length in
umsg_parse_format()
in d2331cc3f2
Kalle Sommer Nielsen
- Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7) in 2823e938d4
- NEWS in 716518373f
Konstantin Kopachev
- Fix #76859
stream_get_line
skips data if used with data-generating filter in 05560b67bc
Nikita Popov
- Fix bug #78525 in df982da587
- Fix leak in SplObjectStorage unserialization in 8873df8e86
- Fixed bug #78545 in 2f6efd835d
- Increase timeout in test in 175f4f24ae
- Backport MAP_JIT fixes from PCRE2 10.33 in 03efeda538
- Fixed bug #78272 in e11ed02870
- Remove unstable test output in 85b001974a
- Fix exif leak on duplicate copyright tags in 3e139a4653
- Fix iterable return type optimization in 003c13d7bc
- Fix out-of-bounds read in exif tag reading in 0fa13028cb
- Fix multiple leaks in
exif_read_data()
in 0701835c01 - Fix leak of temporary buffer during exif tag reading in f989a4cd44
- Fix ubsan violation in parse_iv2 in e65adc9c19
- Fix signed integer overflow in SplObjectStorage unserialization in 8509970e6a
- Commit regenerated
var_unserializer.c
in 1a184f030a - Skip test on 32-bit in 087051c9a5
- Skip test on 32-bit in bc4c4c658c
- Fix
skipif
condition in 3ddb63dce1 - Fix null-pointer deref in if stmt printing in 8a9df88597
- Fix memory leak with ** on array operands in ab938d7bbc
- Don't throw warnings during heredoc scan-ahead in 7df50ef147
- Fixed bug #78612 in 6fcde56b03
- Fix segfault with COMPILER_HALT_OFFSET and trailing {} in a5d3620d93
- Improve diagnostic on PCRE JIT mmap failure in 1d6e9da743
- Make sure T_ERROR is returned for all lexer exceptions in 239e2dda64
- Backport fix for uaf during pcre jit fallback in ab61d5caf9
- Set session.gc_probability=0 in
bug78624.phpt
in 7d19668f60 - Check for
object_init_ex()
failure in user filter factory in 19e6abebc7
Remi Collet
- Raise minimal GCC version, in c43fc204b1
- next is 7.2.25 in 05d6878b3b
Sara Golemon
- Bump for 7.2.24 in a270eb1911
Sergei Turchanov
- Fix #78413: php-fpm request_terminate_timeout does not take effect after fastcgi_finish_request in e546d721e8
Tyson Andre
- Fix opcache return type for get_headers in
zend_func_info
in 29bced9521