PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.16 is not recommended. PHP 7.3.33 is the latest version in the series.
Downloads
Source Code
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.16
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Docker/Podman Containers
docker pull php:7.3.16-cli-alpine
docker pull php:7.3.16-cli
docker pull php:7.3.16-fpm-alpine
docker pull php:7.3.16-apache
docker pull php:7.3.16-fpm
ChangeLog
Core
- Fixed bug #63206 (restore_error_handler does not restore previous errors mask).
COM
- Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
- Fixed bug #79242 (COM error constants don't match com_exception codes on x86).
- Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception).
- Fixed bug #79299 (com_print_typeinfo prints duplicate variables).
- Fixed bug #79332 (
php_istreams
are never freed). - Fixed bug #79333 (
com_print_typeinfo()
leaks memory).
DOM
- Fixed bug #77569: (Write Access Violation in DomImplementation).
- Fixed bug #79271 (DOMDocumentType::$childNodes is NULL).
Enchant
- Fixed bug #79311 (
enchant_dict_suggest()
fails on big endian architecture).
EXIF
- Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
MBstring
- Fixed bug #79371 (
mb_strtolower
(UTF-32LE): stack-buffer-overflow atphp_unicode_tolower_full
). (CVE-2020-7065)
MySQLi
- Fixed bug #64032 (mysqli reports different client_version).
PCRE
- Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback and unicode).
PDO_ODBC
- Fixed bug #79038 (
PDOStatement::nextRowset()
leaks column values).
Reflection
- Fixed bug #79062 (Property with heredoc default value returns false for getDocComment).
SQLite3
- Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::
reset()
).
Standard
- Fixed bug #79329 (
get_headers()
silently truncates after a null byte). (CVE-2020-7066) - Fixed bug #79254 (
getenv()
w/o arguments not showing changes). - Fixed bug #79265 (Improper injection of Host header when using fopen for http requests).
Commit List
Christoph M. Becker
- Next is 7.3.16 in e3632fdc0d
- Fix #66322: COMPersistHelper::SaveToFile can save to wrong location in 5e2ea00b15
- Fix #79242: COM error constants don't match com_exception codes in b9738f5802
- Fix #79248: Traversing empty VT_ARRAY throws com_exception in f649adedfe
- Fix #79254:
getenv()
w/o arguments not showing changes in 7b464ce6f3 - Fix #77569: Write Acess Violation in DomImplementation in cec8b24c84
- Fix typo in recent bugfix in 8308196c97
- Fix #79271: DOMDocumentType::$childNodes is NULL in 0966941130
- Fix # 79171: heap-buffer-overflow in phar_extract_file in 7df594b943
- Fix #79038:
PDOStatement::nextRowset()
leaks column values in 08073b0658 - Add test for bug #78569 in ad000a63e8
- Fix #79294: ::columnType() may fail after SQLite3Stmt::
reset()
in f133f0024e - Fix #79299: com_print_typeinfo prints duplicate variables in 9e6358af36
- Fix #64032: mysqli reports different client_version in 8654c32b58
- Add upgrading node regarding fix for bug #79271 in 49762c84e0
- Fix #79311:
enchant_dict_suggest()
fails on big endian architecture in 6adb885966 - Fix #79332:
php_istreams
are never freed in 2adf1c4d23 - Fix #79333:
com_print_typeinfo()
leaks memory in 53140e5c56 - Update libmagic.patch in f15ab32af8
- Bump version in f5939563f6
- Fix #79371:
mb_strtolower
(UTF-32LE): stack-buffer-overflow in b8048de333 - Bump version in d466e966ef
Dmitry Stogov
- Fixed incorrect behavior of internal memory debugger in 45b4368d5c
- Fixed incorrect overflow detection in 5b51b633e2
Mark Plomer
- Fix #63206: Fully support error/exception_handler stacking, even with null or inside the handler in 8c6a7c3326
Miguel Xavier Penha Neto
- Fixes #79265: Improper injection of Host header when using fopen for http requests in d0d60503b5
Nikita Popov
- Fixed bug #79188 in 13bfa9f5ac
- Mark
bug76348.phpt
as online test in 2826364298 - Reduce code duplication in HTTP header checks in 3d9c02364d
- Don't treat any WS as start of header in 56cdbe63c2
- Fixed bug #79062 in 6c48da9a50
Remi Collet
- bump version to 7.2.29 in 63f6608f89
- Fix #79315
ZipArchive::addFile
doesn't honor start/length parameters in d31fc591e0
Stanislav Malyshev
- Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress in d76f7c6c63
- Fix bug #79082 - Files added to tar with
Phar::buildFromIterator
have all-access permissions in e5c95234d8 - Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress in 409965fe1c
- Fix bug #79082 - Files added to tar with
Phar::buildFromIterator
have all-access permissions in 6facfa59a5 - Fix bug #79329 - get_headers should not accept \0 in f930ff52f4
- Fixed bug #79282 in c099c71ea5
- Fix test in 4e330d3d48