PHP 7.4 reached EOL on , and all releases of this version no longer receive security or bug fixes. Using PHP 7.4.5 is not recommended. PHP 7.4.33 is the latest version in the series.
Downloads
Source Code
Git Clone
Use Git to clone the 7.4.5 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-7.4.5How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
./buildconf), configuring the build ./configure, and running make.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
php-7.4.5-x64NTS.zip (24.79 MiB)
php-7.4.5-x86NTS.zip (23.09 MiB)
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.
php-7.4.5-x64TS.zip (24.90 MiB)
php-7.4.5-x86TS.zip (23.06 MiB)
Docker/Podman Containers
PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.4.5-cli-alpineDebian-based: More compatible with other components, complete, and are widely used.
docker pull php:7.4.5-cliPHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:7.4.5-fpm-alpineDebian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:7.4.5-apacheDebian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:7.4.5-fpmChangeLog
Core
- Fixed bug #79364 (When copy empty array, next key is unspecified).
- Fixed bug #78210 (Invalid pointer address).
CURL
- Fixed bug #79199 (
curl_copy_handle()memory leak).
Date
- Fixed bug #79396 (DateTime hour incorrect during DST jump forward).
- Fixed bug #74940 (DateTimeZone loose comparison always true).
FPM
- Implement request #77062 (Allow numeric [UG]ID in FPM listen.{owner,group})
Iconv
- Fixed bug #79200 (Some iconv functions cut Windows-1258).
OPcache
- Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
Session
- Fixed bug #79413 (
session_create_id()fails for active sessions).
Shmop
- Fixed bug #79427 (Integer Overflow in
shmop_open()).
SimpleXML
- Fixed bug #61597 (SXE properties may lack attributes and content).
SOAP
- Fixed bug #79357 (SOAP request segfaults when any request parameter is missing).
Spl
- Fixed bug #75673 (
SplStack::unserialize()behavior). - Fixed bug #79393 (Null coalescing operator failing with SplFixedArray).
Standard
- Fixed bug #79330 (
shell_exec()silently truncates after a null byte). - Fixed bug #79465 (OOB Read in
urldecode()). (CVE-2020-7067) - Fixed bug #79410 (
system()swallows last chunk if it is exactly 4095 bytes without newline).
Zip
Commit List
Andre Nathan
- Allow numeric [UG]ID in FPM listen.{owner,group} in 0b4e80b8c1
Christian Schneider
- Fix bug #79410 (
system()swallows last chunk if it is exactly 4095 bytes without newline) in c0840fec9c
Christoph M. Becker
- Fix intermittent test failures of windows_mb_path tests in 04c9c4ae7d
- Fix #75673:
SplStack::unserialize()behavior in b84277297a - Skip test on Windows if privileges are insufficient in dc4f42508d
- PHP-7.4 is now 7.4.5-dev in 02beefd5af
- Enclose INI values containing {TMP} in quotes in d5e206620b
- Fix #79364: When copy empty array, next key is unspecified in 2462f2dab1
- Fix #78210: Invalid pointer address in 53797c206a
- Fix #61597: SXE properties may lack attributes and content in 7c081db885
- Fix #79199:
curl_copy_handle()memory leak in 2b5fc8e325 - Fix #79371:
mb_strtolower(UTF-32LE): stack-buffer-overflow in 1fdffd1c55 - Fix #79371:
mb_strtolower(UTF-32LE): stack-buffer-overflow in db848e1482 - Fix #79283: Segfault in libmagic patch contains a buffer overflow in aa88f33f7d
- Fix NEWS in 6a4fff4682
- Improve FFI test suite for Windows in 280485adc1
- Fix potential test conflict in 9e6d80dc8f
- Fix #79393: Null coalescing operator failing with SplFixedArray in 47c745555c
- Fix #79200: Some iconv functions cut Windows-1258 in 32a2644305
- Fix test for Windows in ba404f21e4
- Fix leak on Windows as well in 0afdf194f0
- Fix #79427: Integer Overflow in
shmop_open()in a681b12820 - Fix #74940: DateTimeZone loose comparison always true in a2f8c78183
- Fix #79413:
session_create_id()fails for active sessions in b510250b8e - Next is 7.3.18 in 33226c3a17
Derick Rethans
- PHP-7.4 is now 7.4.5-dev in dc3e3e64f2
- Mention which categories to use for patch releases in 673a3ceaa2
- Update NEWS in f10c944c3d
- Update header in e5c5832df8
- Update versions for PHP 7.4.5 in ab4d1893fa
Dmitry Stogov
- Allow to fetch function address in e902e4acd9
- Export
FFI::__BIGGEST_ALIGNMENT__in c45552e32b - Allow to fetch function address in ecdaf83f5f
- Export
FFI::__BIGGEST_ALIGNMENT__in fee614f66b - Avoid "Anonymous class wasn't preloaded" error by lazely loading of not preloaded part of a preloaded script in 2dddab01ae
- Call global code of preloaded script in global context in 3c6e9bed1a
- identation fix in b6492b4453
- Check asserts early in c5159b3832
- Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script) in 65120cfc09
George Peter Banyard
- Explicitly declare the char as signed in
zend_ffi_valin 6e88f19346
Jacob Dreesen
- Fix typo in php.ini comment in 68e2da6362
Lukas Berger
- Add missing 'skip' to
bug79332.phptskip message in 7f9b534e3a
Max Rees
- Fix #79424
ext/zip: don't use gl_pathc after call to globfree in 04920645f1
Nate Brunette
- Fix #79396: DateTime hour incorrect during DST jump forward in d70058a139
Nikita Popov
- Add test for bug #63816 in c3ab8fd3f8
- Fix community job in 979978cb61
- Fixed bug #79357 in 760faa12b2
- Don't specify ports in
socket_export_stream-4.phptin a57905dbac - Use "set -e" in some pipeline steps in 372331fc6d
- Explicitly start mysql in bf382a3cb6
- Make
bug52820.phptmore robust in ba6834fa57 - Clarify
session.cookie_samesite="None" in c00cce3229 - Fix RSA memory leak in mysqlnd auth in db08ef0d32
- Handle NULL caller_call_opline in 34f1266a9c
- Add test file in 2e8db5d6be
- Don't check directory nlink in stat tests in b9b49cfb7b
Peter Seiderer
- Check for sys/auxv.h before using it in f73528f0e0
Remi Collet
- this test needs json in b093bd6ae8
- bump verison to 7.2.30-dev in 3072b77c21
- Fix Bug #79296
ZipArchive::openfails on empty file in 8aab43c85d - NEWS in 51c57a9c67
- NEWS in 6c0f9c3fc6
- unneeded after fix in 347d18b48e
- NEWS in d66a063e0f
Stanislav Malyshev
- Fixed bug #79282 in 41f66e2a2c
- Fix bug #79329 - get_headers should not accept \0 in 0d139c5b94
- Fix test in 2c081b7e26
- Fixed bug #79282 in 25238bdf60
- Fix bug #79329 - get_headers should not accept \0 in 69fdc14152
- Fix test in 62e7b80267
- Fixed bug #79282 in b9d32197cb
- Fix bug #79329 - get_headers should not accept \0 in 335547a04d
- Fix test in 1599f440a5
Xinchen Hui
- Folder mark missed in 22c83454d6