PHP 7.3.16: Downloads, Changelog, News

Release Information

PHP Version
PHP 7.3
Release Date
Release Type
Security Update
Release Status
EOL, Use PHP 7.3.33
Branch Status

PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.16 is not recommended. PHP 7.3.33 is the latest version in the series.


Source Code

Git Clone
Use Git to clone the 7.3.16 tag from the PHP Git repository.
git clone --depth 1 --branch php-7.3.16
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (./buildconf), configuring the build ./configure, and running make.
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.

Windows binaries

Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.

Docker/Podman Containers

PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.16-cli-alpine

Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.3.16-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.16-fpm-alpine

Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.3.16-apache

Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.3.16-fpm



  • Fixed bug #63206 (restore_error_handler does not restore previous errors mask).


  • Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
  • Fixed bug #79242 (COM error constants don't match com_exception codes on x86).
  • Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception).
  • Fixed bug #79299 (com_print_typeinfo prints duplicate variables).
  • Fixed bug #79332 (php_istreams are never freed).
  • Fixed bug #79333 (com_print_typeinfo() leaks memory).


  • Fixed bug #77569: (Write Access Violation in DomImplementation).
  • Fixed bug #79271 (DOMDocumentType::$childNodes is NULL).


  • Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).



  • Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full). (CVE-2020-7065)


  • Fixed bug #64032 (mysqli reports different client_version).


  • Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback and unicode).


  • Fixed bug #79038 (PDOStatement::nextRowset() leaks column values).


  • Fixed bug #79062 (Property with heredoc default value returns false for getDocComment).


  • Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()).


  • Fixed bug #79329 (get_headers() silently truncates after a null byte). (CVE-2020-7066)
  • Fixed bug #79254 (getenv() w/o arguments not showing changes).
  • Fixed bug #79265 (Improper injection of Host header when using fopen for http requests).

Commit List

Christoph M. Becker

Dmitry Stogov

  • Fixed incorrect behavior of internal memory debugger in 45b4368d5c
  • Fixed incorrect overflow detection in 5b51b633e2

Mark Plomer

  • Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler in 8c6a7c3326

Miguel Xavier Penha Neto

  • Fixes #79265: Improper injection of Host header when using fopen for http requests in d0d60503b5

Nikita Popov

Remi Collet

Stanislav Malyshev

Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.