PHP 7.3.5: Downloads, Changelog, News

Release Information

PHP Version
PHP 7.3
Release Date
Release Type
Security Update
Release Status
EOL, Use PHP 7.3.33
Branch Status

PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.5 is not recommended. PHP 7.3.33 is the latest version in the series.


Source Code

Git Clone
Use Git to clone the 7.3.5 tag from the PHP Git repository.
git clone --depth 1 --branch php-7.3.5
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (./buildconf), configuring the build ./configure, and running make.
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.

Windows binaries

Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.

Docker/Podman Containers

PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.5-cli-alpine

Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.3.5-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.5-fpm-alpine

Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.3.5-apache

Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.3.5-fpm



  • Fixed bug #77903 (ArrayIterator stops iterating after offsetSet call).


  • Fixed bug #77794 (Incorrect Date header format in built-in server).



  • Fixed bug #72175 (Impossibility of creating multiple connections to Interbase with php 7.x).


  • Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if $locale = null).


  • Fixed bug #77869 (Core dump when using server controls)


  • Fixed bug #77821 (Potential heap corruption in TSendMail()).


  • Implemented FR #72777 (Implement regex stack limits for mbregex functions).


  • Fixed bug #77773 (Unbuffered queries leak memory - MySQLi / mysqlnd).


  • Fixed bug #77827 (preg_match does not ignore \r in regex flags).


  • Fixed bug #77849 (Disable cloning of PDO handle/connection objects).


  • Fixed bug #76801 (too many open files).
  • Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
  • Fixed bug #77805 (phpdbg build fails when readline is shared).


  • Fixed bug #77772 (ReflectionClass::getMethods(null) doesn't work).
  • Fixed bug #77882 (Different behavior: always calls destructor).


  • Fixed bug #77793 (Segmentation fault in extract() when overwriting reference with itself).
  • Fixed bug #77844 (Crash due to null pointer in parse_ini_string with INI_SCANNER_TYPED).
  • Fixed bug #77853 (Inconsistent substr_compare behaviour with empty haystack).

Commit List

Alessandro Chitolina

  • fix bug #76801: phpdbg too many open files error in b8b880932e
  • Ref #76801 remove old file source from file_sources hash in case of file included more than once in 4029c0b6a2

Anatol Belski

  • Fix memory leak in a2c87c7f29
  • Fix phar:// include handling with file cache in f31d7ca85e
  • Ensure double slashes are replaced by the path normalization in ce72bc6b65
  • Fix potential OPcache file cache related issues in 5477d68300


  • SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws in 58c25bf679

Cameron Porter

  • Fix bug #77849 Disable cloning of PDO handle/connection objects to avoid segfault in 9ec1525eb5

Christoph M. Becker

Côme Chilliet

Derick Rethans

Dmitry Stogov

George Wang

  • LiteSpeed SAPI 7.3, better process management, new API function litespeed_finish_request() in 1e7f1b90e8
  • Fixed bug in litespeed_finish_request(), disable fastcgi_finish_request() alias for now in 7b6c06966f

Joe Watkins

  • Fix #77800 phpdbg segfaults on conditional breakpoints in 7df8e4fc0a
  • more work on phpdbg conditional breaks in 6d3a2b4693
  • Fix #77805 phpdbg build fails when readline is shared in 7af270eb28
  • fix build: readline support must be disabled by default in phpdbg in b7442f1bb8
  • bump versions after release in 731eeb8dec
  • Follow up #77849 PDOStatement objects in undefined state after clone in a2b8a62abf

Matteo Beccati

  • Fixed SKIPIF when --disable-mbregex is used in 0dbb581cf4
  • Fixed SKIPIF when --disable-mbregex is used in 263c587854

Nikita Popov

Niklas Keller

Remi Collet

Samuele Kaplun

Sara Golemon

Stanislav Malyshev


  • Preserve keys in emulate_read_fd_set() in bdac9ef10d

Vlad Temian

  • Fix bug #77680: Correctly implement recursive mkdir on FTP stream in ec2ecb7e12

Yasuo Ohgaki

  • Implement RF bug #72777 - ensure stack limits on mbstring functions in 738016bd88
Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.