PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.18 is not recommended. PHP 7.3.33 is the latest version in the series.
Downloads
Source Code
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.18
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Docker/Podman Containers
docker pull php:7.3.18-cli-alpine
docker pull php:7.3.18-cli
docker pull php:7.3.18-fpm-alpine
docker pull php:7.3.18-apache
docker pull php:7.3.18-fpm
ChangeLog
Core
- Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048)
- Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048)
- Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant).
- Fixed bug #79477 (casting object into array creates references).
- Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
- Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository).
DOM
- Fixed bug #78221 (
DOMNode::normalize()
doesn't remove empty text nodes).
FCGI
- Fixed bug #79491 (Search for .user.ini extends up to root dir).
MBString
- Fixed bug #79441 (Segfault in
mb_chr()
if internal encoding is unsupported).
OpenSSL
- Fixed bug #79497 (
stream_socket_client()
throws an unknown error sometimes with <1s timeout).
Phar
- Fix bug #79503 (Memory leak on duplicate metadata).
SimpleXML
- Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4).
Standard
- Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended).
Commit List
Christoph M. Becker
- Fix #78221:
DOMNode::normalize()
doesn't remove empty text nodes in efec22b7be - Fix memory leak introduced by fixing bug #78221 in 7e91fcd7f9
- Fix test cases in a1b46fc152
- Add missing CVE in c4cdf1ae12
- Fix #79491: Search for .user.ini extends up to root dir in fa10abd6d7
- Fix #79503: Memory leak on duplicate metadata in ccca2c448d
- Fix #79470: PHP incompatible with 3rd party file system on demand in 29968d8f99
- Bump version in 6998cc5029
- Prepare for 7.3.18RC1 in 830e566998
- Fix #79528: Different object of the same xml between 7.4.5 and 7.4.4 in cb265a0add
- Bump version in 47a2da6951
- Fix #78875: Long filenames cause OOM and temp files are not cleaned in c71416cba2
- Fix #78876: Long variables cause OOM and temp files are not cleaned in 8fd9277689
Derick Rethans
- Updated to version 2020.1 (2020a) in b962d2e36f
dinosaur
- Fixed bug #79468 in 95eaccd0bb
- Fixed bug #79468 in 13842eda37
Dmitry Stogov
zend_timeout()
may access EX(opline) in d31ccb5fc8
George Peter Banyard
- Fix bug 79441 in 18dc9044f5
- Fix Bug #79448 0 is a valid Unicode codepoint, but
mb_substitute_character
(0) fails in 1333b46d6d - Went to fast and forgot to update tests in 656eac74fa
- Revert "Fix Bug #79448 0 is a valid Unicode codepoint, but
mb_substitute_character
(0) fails" in 6031b08240 - Revert "Went to fast and forgot to update tests" in a0df5f3b54
Graham Campbell
- Add additional preg_match test case in 51fb8398e2
guirish
- Fix MySQL local infile / attr handling on big endian systems in a1c1736bfb
Joe Cai
- Fix #79497: Fix
php_openssl_subtract_timeval()
in 94e09bfe55
Nikita Popov
- Fix literal compaction collision between string and double in 14b770d407
- Fixed bug #79434 in cf68bc413b
- Don't leak peername if accept fails in b56fb9019e
- Fixed bug #79477 in 79a36ff7f3
- Apply doc root fix for FPM in f62571c121
Qianqian Bu
- Fix incorrect free for last_message in ee21657a6a
Sara Golemon
- NEWS in 6df761b7ff
Stanislav Malyshev
- Fix bug #79330 - make all execution modes consistent in rejecting \0 in 14fcc81394
- Fix bug #79465 - use unsigneds as indexes in 9d6bf8221b