PHP 7.3.8: Downloads, Changelog, News

Release Information

Release
7.3.8
PHP Version
PHP 7.3
Release Date
Release Type
Security Update
Release Status
EOL, Use PHP 7.3.33
Branch Status
Unsupported

PHP 7.3 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.3.8 is not recommended. PHP 7.3.33 is the latest version in the series.

Downloads

Source Code

Git Clone
Use Git to clone the 7.3.8 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.3.8
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (./buildconf), configuring the build ./configure, and running make.
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.

Windows binaries
Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.

Docker/Podman Containers

PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.8-cli-alpine

Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.3.8-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.3.8-fpm-alpine

Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.3.8-apache

Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.3.8-fpm

ChangeLog

Core

  • Added syslog.filter=raw option.
  • Fixed bug #78212 (Segfault in built-in webserver).

Date

  • Fixed bug #69044 (discrepency between time and microtime).
  • Updated timelib to 2018.02.

EXIF

FTP

  • Fixed bug #78039 (FTP with SSL memory leak).

Libxml

  • Fixed bug #78279 (libxml_disable_entity_loader settings is shared between requests (cgi-fcgi)).

LiteSpeed

  • Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from 100 to 1000, added crash handler to cleanly shutdown PHP request, added CloudLinux mod_lsapi mode).
  • Fixed bug #76058 (After "POST data can't be buffered", using php://input makes huge tmp files).

Openssl

  • Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported socket-to-stream).

Opcache

  • Fixed bug #78189 (file cache strips last character of uname hash).
  • Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
  • Fixed bug #78271 (Invalid result of if-else).
  • Fixed bug #78291 (opcache_get_configuration doesn't list all directives).
  • Fixed bug #78341 (Failure to detect smart branch in DFA pass).

PCRE

  • Fixed bug #78197 (PCRE2 version check in configure fails for "##.##-xxx" version strings).
  • Fixed bug #78338 (Array cross-border reading in PCRE).

PDO_Sqlite

  • Fixed bug #78192 (SegFault when reuse statement after schema has changed).

Phar

  • Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN).

Phpdbg

  • Fixed bug #78297 (Include unexistent file memory leak).

SQLite

  • Upgraded to SQLite 3.28.0.

Standard

  • Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit).
  • Fixed bug #78269 (password_hash uses weak options for argon2).

Commit List

Alex Scott

  • Fix bug #78138: opcache.validate_permission incorrectly works with PHAR files in a4acff3e21

Anatol Belski

Andrew Collington

Andrey Hristov

Asher Baker

Christoph M. Becker

Côme Chilliet

Derick Rethans

Dmitry Stogov

Erik Lundin

George Peter Banyard

  • Convert short tag to standard tag in Zend test file in 63f1def367

George Wang

Joe Watkins

  • Resolve discrepencies between second value yielded by gettimeofday and time, fixes #69044 in 65067dff01
  • export php_time in 599b94ff14
  • fix setcookie Max-Age to use php_time in 31a1c1e67c

Joshua Westerheide

Nikita Popov

Niklas Keller

  • Fix memory leak in TLS matches_san_list in fea9f93166

Peter Kokot

Remi Collet

Stanislav Malyshev

sunnyeo

Tyson Andre

  • Fix bug in opcache flags for mysqli_get_charset in 7350e808c5
  • Fix opcache signatures for mysqli_stat in 07c63c6fdf
  • Be more precise about possible types for mysqli methods in 5d3e3a62a2

Vincent

  • Fix bug #78192 PDO SQLite SegFault when reuse statement after schema has changed in 05c00a832c
Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.

Support PHP.Watch — If you find the articles, version information, Codex, and other PHP.Watch contributions useful, consider supporting through GitHub Sponsors. Your sponsorship helps dedicate more time to creating valuable content and improving the PHP community. Together, we can keep the momentum going — thank you for your support!

Thanks to the highest tier sponsor: @TomasVotruba for your generous support to keep PHP.Watch moving 💜