PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.21 is not recommended. PHP 7.3.33 is the latest version in the series.
Downloads
Source Code
Git Clone
Use Git to clone the 7.3.21 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.21
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
php-7.3.21-x64NTS.zip (24.44 MiB)
php-7.3.21-x86NTS.zip (22.81 MiB)
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.
php-7.3.21-x64TS.zip (24.57 MiB)
php-7.3.21-x86TS.zip (22.87 MiB)
Docker/Podman Containers
PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.21-cli-alpine
Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.3.21-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.21-fpm-alpine
Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.3.21-apache
Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.3.21-fpm
ChangeLog
Apache
- Fixed bug #79030 (Upgrade apache2handler's
php_apache_sapi_get_request_time
to return usec).
Core
- Fixed bug #79877 (getimagesize function silently truncates after a null byte)
- Fixed bug #79778 (Assertion failure if dumping closure with unresolved static variable).
- Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
COM
- Fixed bug #63208 (BSTR to PHP string conversion not binary safe).
- Fixed bug #63527 (DCOM does not work with Username, Password parameter).
Curl
- Fixed bug #79741 (curl_setopt CURLOPT_POSTFIELDS asserts on object with declared properties).
Fileinfo
- Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)).
FTP
- Fixed bug #55857 (
ftp_size
on large files).
Mbstring
- Fixed bug #79787 (
mb_strimwidth
does not trim string).
Phar
- Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068)
Standard
Commit List
Andy Postnikov
- Fix bug #78008:
dns_check_record()
always return true on Alpine in 2c57378bd3
Christoph M. Becker
- 7.3 is now 7.3.21-dev in 91982bad63
- Fix #55857:
ftp_size
on large files in e94126aac7 - Fix #79756: finfo_file crash (FILEINFO_MIME) in 816b4c1235
- Fix #63208: BSTR to PHP string conversion not binary safe in a385cfa7ad
- Fix #70362: Can't
copy()
large 'data://' withopen_basedir
in 7f3bc64287 - Don't use deprecated curly brace offset syntax in f23bd48892
- Fix #63527: DCOM does not work with Username, Password parameter in b2e3fd1e69
- Bump version to 7.3.21RC1 in 82949e5076
- Fix #79797: Use of freed hash key in the phar_parse_zipfile function in f57a999379
- Fix #79877: getimagesize function silently truncates after a null byte in 09171dc1d7
- Prepare for 7.3.21 in 2b5ec153e4
Evgeny Stepanischev
- Fixed bug #79849 in ce149b0cb8
Herbert256
- Fixed bug #79030 Use usec from apache request time in 4a26628b29
Nikita Popov
- Fixed bug #79741 in 43cd3f6814
- Fix leak when setting cyclic previous exception in finally in fc6f53d426
- Remove bogus generator iterator dtor in 187a72d563
- Fixed bug #79778 in b765f96f5f
- Fixed bug #79792 in 64931fd3c4
- Report len as -1 instead of INT_MAX in e6160e99d8
- Fixed bug #79817 in a72c53a070
Paweł Tomulik
- Fix some memory bugs in
ldap.c
in 23ef0a1285
Sara Golemon
- Prep NEWS for 7.2.32 release in 9588c8474e
- Prep for 7.2.33 in c68d48de9e
twosee
- Fixed bug #79821 in 150504e6b1
- Fixed bug #79830 introduced by fixing bug #79821 in 56dec3cc73
- Fixed BC break of
php_debug_zval_dump
in f0b2c2cb98
XXiang
- Fix bug #79787 in 3d5de7d746