Release Information
- Release Type
- Security Update
- Release Status
- Latest
- Branch Status
- Security-Fixes Only
PHP 8.1 is currently only receiving security fixes, and scheduled to reach EOL on 2025-12-31
Downloads
Source Code
git clone https://github.com/php/php-src.git --depth 1 --branch php-8.1.30
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Docker/Podman Containers
docker pull php:8.1.30-cli-alpine
docker pull php:8.1.30-cli
docker pull php:8.1.30-fpm-alpine
docker pull php:8.1.30-apache
docker pull php:8.1.30-fpm
ChangeLog
CGI
- Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)
- Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)
FPM
- Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)
SAPI
- Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)
Commit List
Arnaud Le Blanc
- Fix GHSA-9pqp-7h25-4f32 in d65a1e6f91
Ben Ramsey
- Update NEWS in 557e09f678
- Update versions for PHP 8.1.30 in 773c0eda4a
Jakub Zelenka
- Fix GHSA-865w-9rf3-2wh5: FPM: Logs from childrens may be altered in 4580b8b3e1
- Update NEWS with security fixes info in 8d87bc3e26
- Skip GHSA-9pqp-7h25-4f32 test on Windows in 4bcc7d5778
Niels Dossche
- Fix GHSA-9fcc-425m-g385: bypass CVE-2024-1874 in 4b15f5d4ec
- Fix GHSA-3qgc-jrrr-25jv in 9382673148
- Fix GHSA-w8qr-v226-r27w in 7e0e3cc820
- Fix GHSA-p99j-rfp4-xqvq in 4b9cd27ff5
- Fix GHSA-94p6-54jq-9mwp in c1c14c8a0f