PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.2 is not recommended. PHP 7.3.33 is the latest version in the series.
Downloads
Source Code
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.2
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Docker/Podman Containers
docker pull php:7.3.2-cli-alpine
docker pull php:7.3.2-cli
docker pull php:7.3.2-fpm-alpine
docker pull php:7.3.2-apache
docker pull php:7.3.2-fpm
ChangeLog
Core
- Fixed bug #77369 (memcpy with negative length via crafted DNS response).
- Fixed bug #77387 (Recursion detection broken when printing GLOBALS).
- Fixed bug #77376 ("undefined function" message no longer includes namespace).
- Fixed bug #77357 (base64_encode / base64_decode doest not work on nested VM).
- Fixed bug #77339 (__callStatic may get incorrect arguments).
- Fixed bug #77317 (DIR, FILE,
realpath()
reveal physical path for subst virtual drive). - Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator).
- Fixed bug #77447 (PHP 7.3 built with ASAN crashes in zend_cpu_supports_avx2).
- Fixed bug #77484 (Zend engine crashes when calling realpath in invalid working dir).
Curl
- Fixed bug #76675 (Segfault with H2 server push).
Fileinfo
- Fixed bug #77346 (webm files incorrectly detected as application/octet-stream).
FPM
- Fixed bug #77430 (php-fpm crashes with Main process exited, code=dumped, status=11/SEGV).
GD
- Fixed bug #73281 (imagescale(…, IMG_BILINEAR_FIXED) can cause black border).
- Fixed bug #73614 (gdImageFilledArc() doesn't properly draw pies).
- Fixed bug #77272 (
imagescale()
may return image resource on failure). - Fixed bug #77391 (1bpp BMPs may fail to be loaded).
- Fixed bug #77479 (
imagewbmp()
segfaults with very large images).
ldap
- Fixed bug #77440 (
ldap_bind
using ldaps orldap_start_tls()
=exception in libcrypto-1_1-x64.dll).
Mbstring
- Fixed bug #77428 (
mb_ereg_replace()
doesn't replace a substitution variable). - Fixed bug #77454 (
mb_scrub()
silently truncates after a null byte).
MySQLnd
- Fixed bug #77308 (Unbuffered queries memory leak).
- Fixed bug #75684 (In
mysqlnd_ext_plugin.h
the plugin methods family has no external visibility).
Opcache
- Fixed bug #77266 (Assertion failed in dce_live_ranges).
- Fixed bug #77257 (value of variable assigned in a
switch()
construct gets lost). - Fixed bug #77434 (php-fpm workers are segfaulting in
zend_gc_addre
). - Fixed bug #77361 (configure fails on 64-bit AIX when opcache enabled).
- Fixed bug #77287 (Opcache literal compaction is incompatible with EXT opcodes).
PCRE
- Fixed bug #77338 (get_browser with empty string).
PDO
- Fixed bug #77273 (
array_walk_recursive
corrupts value types leading to PDO failure).
PDO MySQL
- Fixed bug #77289 (PDO MySQL segfaults with persistent connection).
SOAP
- Fixed bug #77410 (Segmentation Fault when executing method with an empty parameter).
Sockets
- Fixed bug #76839 (socket_recvfrom may return an invalid 'from' address on MacOS).
SPL
- Fixed bug #77298 (segfault occurs when add property to unserialized empty ArrayObject).
Standard
Commit List
Alexander Kurilo
- Regenerate certs for openssl tests in 687dad3674
- Regenerate certs for openssl tests in f51062523d
- Regenerate certs for openssl tests in e3e3289bd1
- Generate certs for openssl tests on the fly in 1fab01be5b
- Fix cleaning up after openssl_pkcs7_verify_basic test in 1a1e12c2a9
Anatol Belski
- Fixed bug #77317 DIR, FILE,
realpath()
reveal physical path for subst virtual drive in 199914b42d - Update binary SDK version for AppVeyor in 3c7dc7b4c4
- Fixed bug #77346 webm files incorrectly detected as application/octet-stream in d874d4a15c
- Add memory check to the test in 222fa032d2
- Increase timeout for test on AppVeyor in 54a2b42778
- Fixed bug #75684 In
mysqlnd_ext_plugin.h
the plugin methods family has no external visibility in 7b3f8e746a - Update NEWS in 1732ce9c23
- Update SDK version for AppVeyor in 8f66ca8189
- Fixed bug #77484 Zend engine crashes when calling realpath in invalid working dir in 8b20e7b68b
- Make test output more reliable in 4254bf87ba
- Skip test on unsuitable build in 52730fa30a
Andrey Hristov
- Revert visibility in 7a88f89a90
Christoph M. Becker
- Prepare main branch for 7.3.2 in a65133a17a
- Drop deprecated /Gm compile option in 20de58f51d
- Fix #77391: 1bpp BMPs may fail to be loaded in b0cfa28d6d
- Fix #77269: Potential unsigned underflow in gdImageScale in a918020c03
- Fix #77270: imagecolormatch Out Of Bounds Write on Heap in 7a12dad4dd
- Fix #77269: Potential unsigned underflow in gdImageScale in dfd8237aec
- Fix #77270: imagecolormatch Out Of Bounds Write on Heap in 567c9f5842
- Fix #77367: Negative size parameter in
mb_split
in e617f03066 - Fix NEWS in deb88f2269
- Sync NEWS with 7.3.1 in c4c6b80b9c
- Fix #77272:
imagescale()
may return image resource on failure in 772b1cb245 - Fix #73281: imagescale(…, IMG_BILINEAR_FIXED) can cause black border in 6b4cdbaade
- Fix #73614: gdImageFilledArc() doesn't properly draw pies in 61cfa34e11
- Fix #77479:
imagewbmp()
segfaults with very large images in 44fa0b0f31 - Fix failing test in 2966da70cf
- Update version for PHP 7.3.2RC1 in dd2301ddc4
- Update version for PHP 7.3.2 in 3fa88e0ce0
CHU Zhaowei
- Fix #77298: segfault occurs when add property to unserialized empty ArrayObject in b15189f4d8
Derick Rethans
- Upgrade timelib to 2018.01RC3 in 3e4a3d005a
- Update API use due to changes in timelib 2018.01RC3 in a9a084c092
- Updated to version 2018.9 (2018i) in 81da7f75e3
- Empty merge in 7ad9d6a63b
- Updated to version 2018.9 (2018i) in 11105e90c4
- Update tests due to data changes in tzdata 2018i in bd1d2c7bfe
Dmitry Stogov
- Removed /e modifirer and fixed ws in 8db63adb6d
- Fixed bug #77339 (__callStatic may get incorrect arguments) in 7e597f48e9
- Backport later interned strings destruction in 5888fbde0d
- Respect EG(vm_stack_page_size) in b45774eed0
- Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator) in 920450534e
- Fixed bug #77308 (Unbuffered queries memory leak) in 1a306cc9a1
George Wang
- Checkin LiteSpeed SAPI 7.2 in 66d72377d0
Jakub Zelenka
- Fix bug #77430 (php-fpm crashes with Main process exited) in 766b4fd515
- List me in the openssl maintainers in 25ffdc8dc9
Kevin Adler
- Fix bug #77361 (configure fails on 64-bit AIX when opcache enabled) in 332b58f865
Lauri Kenttä
- Fix #77359: spl_autoload causes segfault in 89bf3df67d
- Fix #77360: class_uses causes segfault in 16c62a8179
- Fixed bug #77289 in 63c38c9e49
- Fix seeking in php://input in dbe7f2a41a
Michael Meyer
- Initialize s_un (sockaddr_un) to zero before using it. Fixes #76839 in 3c42c784c2
Nikita Popov
- Fix invalid efree in browscap in 64de5bc224
- Fixed bug #77338 in b1deb98c42
- Fixed bug #77257 in 91888cc372
- Partial fix for bug #75426 in 73596c56e7
- Disable ifuncs on FreeBSD in 291589114a
- Possible fix for bug #77287 in 325a113974
- Fixed bug #77273 in cb009b12a5
- Possible fix for bug #77357 in 5a361c3a54
- Add NEWS entry for bug #77357 in 07873fab3c
- Fix self::class inside constant in global scope in 41af1e6781
- Fix bug #77410 in 361d3ede93
- Fix one issue reported in bug #77310 in 6f75890e7b
- Don't swap operands of
ZEND_MUL
in 1165a9068c - Fixed bug #77428 in 76c687feaf
- Make operator swapping depend on IGNORE_OVERLOADING flag in bf4dab0163
- Fixed bug #77434 in ade702a0d2
- Fixed bug #77439 in 5d33024a5d
- Fixed bug #77454 in 3ad0ebdf5c
- Fixed bug #77447 in c8c5a3ab8a
- Add additional no_sanitize_address attributes in 986b9b5ae3
- Revert "Prefix error_code with underscore in FastZPP implementation" in 5cce13ed67
- Fixed bug #77287 in 80b17a73ae
Ondřej Surý
- Fix rl_completion_matches detection in 1ea58b6e78
Pedro Magalhães
- Fixed bug #76675 in 32ae716037
Remi Collet
- bump to 7.2.15-dev in 7161fe629d
- missing entry for #77020 in 3245d1bb09
- cleanup merge in 0d9935739c
Sara Golemon
- Bump for 7.1.27 in fabade1573
Stanislav Malyshev
- Fix bug #77242 (heap out of bounds read in
xmlrpc_decode()
) in 4fc0bceb7c - Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext) in 428d8164ff
- Fix bug #77370 - check that we do not read past buffer end when parsing multibytes in 20407d06ca
- Fix bug #77371 (heap buffer overflow in mb regex functions - compile_string_node) in 28362ed4fa
- Fix bug #77380 (Global out of bounds read in xmlrpc base64 code) in 1cc2182bcc
- Fix more issues with encodilng length in c95daa9c75
- Fix bug #77242 (heap out of bounds read in
xmlrpc_decode()
) in 9c62b95e5e - Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext) in 78bd347774
- Fix bug #77370 - check that we do not read past buffer end when parsing multibytes in deb06bbb9c
- Fix bug #77371 (heap buffer overflow in mb regex functions - compile_string_node) in c6e34d91b8
- Fix bug #77380 (Global out of bounds read in xmlrpc base64 code) in 4feb9e66ff
- Fix more issues with encodilng length in 31f59e1f30
- Fix #77369 - memcpy with negative length via crafted DNS response in 8d3dfabef4
- Fix test in 0c35032012
- Add NEWS in 25c95752d6
- Add NEWS in 08bb0ce4e4
- Add NEWS in 1b7c599a02
- Fix tests - newer versions check Unicode in d0d0d922de
- Fix bug #77418 - Heap overflow in utf32be_mbc_to_code in 9d6c59eeea
- Still leaking for some reason,
XFAIL
for now, I'll look into it later in 27625f063e
twosee
- Prefix error_code with underscore in FastZPP implementation in 6305119a51
Vincent JARDIN
- skeleton: support PHP 7.2 in 91e44a27f6
wbob
- document
open_basedir
and realpath cache coupling in php.ini in 5ac9990ddf
Xinchen Hui
- Fixed bug #77395 (segfault about
array_multisort
) in 8ebae84674 - Update NEWS in 703ccd5d27
- Fixed bug #77376 ("undefined function" message no longer includes namespace) in e01f08f679
- Fixed bug #77387 (Recursion detection broken when printing GLOBALS) in 54a58a7380
- Entry get lost while merging in 1b86f84908
- Fixed bug #77266 (Assertion failed in dce_live_ranges) in cd49db9d47
- Incase of invalid read in 16176ad0e3