PHP 8.3.14: Downloads, Changelog, News

Release Information

Release: 8.3.14
PHP Version: PHP 8.3
Release Date: 2024 Nov 07
Release Type: Security Update
Release Status: Latest
Branch Status: Supported (Latest)

Latest PHP release in the latest version. This release contains security fixes, and it is recommended to update as soon as possible.
PHP 8.3 continues to receive bug fixes and security fixes until 2025-12-31.

PHP can be compiled by setting up the dependencies, building the configure script (./buildconf), configuring the build ./configure, and running make.
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.

Windows binaries

Non-Thread Safe Builds

Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.

php-8.3.14-x64NTS.zip (30.68 MiB)

php-8.3.14-x86NTS.zip (27.56 MiB)

Thread-Safe Builds

Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.

php-8.3.14-x64TS.zip (30.83 MiB)

php-8.3.14-x86TS.zip (27.53 MiB)

Docker/Podman Containers

PHP CLI

PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.

docker pull php:8.3.14-cli-alpine

Debian-based: More compatible with other components, complete, and are widely used.

docker pull php:8.3.14-cli

PHP CLI + Web Server Integration

These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.

docker pull php:8.3.14-fpm-alpine

Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.

docker pull php:8.3.14-apache

Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.

docker pull php:8.3.14-fpm

ChangeLog

CLI

Fixed bug GH-16373 (Shebang is not skipped for router script in cli-server started through shebang).
Fixed bug GHSA-4w77-75f9-2c8w (Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface).

COM

Fixed out of bound writes to SafeArray data.

Core

Fixed bug GH-16168 (php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15).
Fixed bug GH-16371 (Assertion failure in Zend/zend_weakrefs.c:646).
Fixed bug GH-16515 (Incorrect propagation of ZEND_ACC_RETURN_REFERENCE for call trampoline).
Fixed bug GH-16509 (Incorrect line number in function redeclaration error).
Fixed bug GH-16508 (Incorrect line number in inheritance errors of delayed early bound classes).
Fixed bug GH-16648 (Use-after-free during array sorting).
Fixed bug GH-15915 (overflow with a high value for precision INI). (David Carlier / cmb)

Curl

Fixed bug GH-16302 (CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails).

Date

Fixed bug GH-16454 (Unhandled INF in date_sunset() with tiny $utcOffset).
Fixed bug GH-14732 (date_sun_info() fails for non-finite values).

DBA

Fixed bug GH-16390 (dba_open() can segfault for "pathless" streams).

DOM

Fixed bug GH-16316 (DOMXPath breaks when not initialized properly).
Add missing hierarchy checks to replaceChild.
Fixed bug GH-16336 (Attribute intern document mismanagement).
Fixed bug GH-16338 (Null-dereference in ext/dom/node.c).
Fixed bug GH-16473 (dom_import_simplexml stub is wrong).
Fixed bug GH-16533 (Segfault when adding attribute to parent that is not an element).
Fixed bug GH-16535 (UAF when using document as a child).
Fixed bug GH-16593 (Assertion failure in DOM->replaceChild).
Fixed bug GH-16595 (Another UAF in DOM -> cloneNode).

EXIF

Fixed bug GH-16409 (Segfault in exif_thumbnail when not dealing with a real file).

FFI

Fixed bug GH-16397 (Segmentation fault when comparing FFI object).

Filter

Fixed bug GH-16523 (FILTER_FLAG_HOSTNAME accepts ending hyphen).

FPM

Fixed bug GH-16628 (FPM logs are getting corrupted with this log statement).

GD

Fixed bug GH-16334 (imageaffine overflow on matrix elements).
Fixed bug GH-16427 (Unchecked libavif return values).
Fixed bug GH-16559 (UBSan abort in ext/gd/libgd/gd_interpolation.c:1007).

GMP

Fixed floating point exception bug with gmp_pow when using large exposant values.
Fixed bug GH-16411 (gmp_export() can cause overflow).
Fixed bug GH-16501 (gmp_random_bits() can cause overflow).
Fixed gmp_pow() overflow bug with large base/exponents.
Fixed segfaults and other issues related to operator overloading with GMP objects.

LDAP

Fixed bug GHSA-g665-fm4p-vhff (OOB access in ldap_escape). (CVE-2024-8932)

MBstring

Fixed bug GH-16361 (mb_substr overflow on start/length arguments).

MySQLnd

Fixed bug GHSA-h35g-vwh6-m678 (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929)

Opcache

Fixed bug GH-16408 (Array to string conversion warning emitted in optimizer).

OpenSSL

Fixed bug GH-16357 (openssl may modify member types of certificate arrays).
Fixed bug GH-16433 (Large values for openssl_csr_sign() $days overflow).
Fix various memory leaks on error conditions in openssl_x509_parse().

PDO DBLIB

Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236)

PDO Firebird

Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236)

PDO ODBC

Fixed bug GH-16450 (PDO_ODBC can inject garbage into field values).

Phar

Fixed bug GH-16406 (Assertion failure in ext/phar/phar.c:2808).

PHPDBG

Fixed bug GH-16174 (Empty string is an invalid expression for ev).

Reflection

Fixed bug GH-16601 (Memory leak in Reflection constructors).

Session

Fixed bug GH-16385 (Unexpected null returned by session_set_cookie_params).
Fixed bug GH-16290 (overflow on cookie_lifetime ini value).

SOAP

Fixed bug GH-16318 (Recursive array segfaults soap encoding).
Fixed bug GH-16429 (Segmentation fault access null pointer in SoapClient).

Sockets

Fixed bug with overflow socket_recvfrom $length argument.

SPL

Fixed bug GH-16337 (Use-after-free in SplHeap).
Fixed bug GH-16464 (Use-after-free in SplDoublyLinkedList::offsetSet()).
Fixed bug GH-16479 (Use-after-free in SplObjectStorage::setInfo()).
Fixed bug GH-16478 (Use-after-free in SplFixedArray::unset()).
Fixed bug GH-16588 (UAF in Observer->serialize).
Fix GH-16477 (Segmentation fault when calling debugInfo() after failed SplFileObject::constructor).
Fixed bug GH-16589 (UAF in SplDoublyLinked->serialize()).
Fixed bug GH-14687 (segfault on SplObjectIterator instance).
Fixed bug GH-16604 (Memory leaks in SPL constructors).
Fixed bug GH-16646 (UAF in ArrayObject::unset() and ArrayObject::exchangeArray()).

Standard

Fixed bug GH-16293 (Failed assertion when throwing in assert() callback with bail enabled).

Streams

Fixed bug GHSA-c5f2-jwm7-mmq2 (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234)
Fixed bug GHSA-r977-prxv-hc43 (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233)

SysVMsg

Fixed bug GH-16592 (msg_send() crashes when a type does not properly serialized). (David Carlier / cmb)

SysVShm

Fixed bug GH-16591 (Assertion error in shm_put_var).

XMLReader

Fixed bug GH-16292 (Segmentation fault in ext/xmlreader/php_xmlreader.c).

Zlib

Fixed bug GH-16326 (Memory management is broken for bad dictionaries.)

Commit List

Arnaud Le Blanc

Fix handling of invalid iterator in zend_weakmap_iterator_get_current_key() in 1d94fb86b7
Fix tests: Prevent stack overflow during dtor in f3e87e2a6d

Christoph M. Becker

Fix out of bound writes to SafeArray data in 1ee56bdd5a
Revert "Fix GH-16322: overflow on imageaffine matrix argument." in 9b64d3212d
Fix GH-16174: Empty string is an invalid expression for phpdbg-ev in 6bcba24eb0
Fix GH-16357: openssl may modify member types of certificate arrays in 549bcdb7fb
Fix GH-16388: UB when freeing a cloned _ZendTestFiber in a3eb1fd86d
Fix GH-16326: Memory management is broken for bad dictionaries in d94be24f30
Fix GH-16427: Unchecked libavif return values in b817a4f718
Fix GH-16411: gmp_export() can cause overflow in ab595c0764
Fix GH-16433: Large values for openssl_csr_sign() $days overflow in 2bdf2f9100
Download enchant dict from downloads.php.net in 5ef3fe218c
Fix GH-16454: Unhandled INF in date_sunset() with tiny $utcOffset in 9bc34182b6
Fix GH-16390: dba_open() can segfault for "pathless" streams in d3b0efe9d7
Fix GH-16266: _ZendTestClass::test() segfaults on named parameter in b73bcaa47c
Fix GH-16523: FILTER_FLAG_HOSTNAME accepts ending hyphen in f9ce5e79da
Fix GH-16450: PDO_ODBC can inject garbage into field values in c9eafc1954
Properly initialize _override executor globals in ec68d3c608
Fix GH-14732: date_sun_info() fails for non-finite values in f9453a889d
Patch libcurl.pc for macOS builds in 72ff8a62b6
Need to define BREW_OPT in 193c57bb6f
Adapt ext/intl tests for ICU 75.1 and 76.1 in 738c85cfc4

David Carlier

Fix GH-16322: overflow on imageaffine matrix argument in 05114265fb
Revert "Fix GH-16322: overflow on imageaffine matrix argument." in 93a2fe8aac
Fix GH-16360 mb_substr overflow on start and length arguments in c34d4fbbf4
Fix GH-16322: imageaffine overflow on affine argument in f2859a4050
Fix socket_recvfrom overflow on buffer size in e583890af0
Fix GH-16290: session cookie_lifetime ini value overflow in 84a8fea251
ext/gmp: gmp_pow fix FPE with large values in d70b7811b0
Fix GH-16501: gmp_random_bits overflow in 9ca68e037c
ext/gmp: gmp_pow fix FPE with large values in e0a0e216a9
Fix GH-14687 segfault on debugging a freed SplObjectIterator instance in eeec0939e0
Fix GH-16592 msg_send() crashes when the type does not serialize as expected in 90aac521fd

Derick Rethans

Fixed bug GH-16037 (Assertion failure in ext/date/php_date.c) in b2b294a2b2

Dmitry Stogov

Fix GH-16393: Assertion failure in ext/opcache/jit/zend_jit.c:2897 in bf786d0d28
Fix GH-16499: [JIT] Undefined to null coercion issues for return in fe513655dc

Eric Mann

Merge pull request #22 from php/PHP-8.3.14-security in 8f3f3b529c
Fix NEWS date in eb84377d5a
Update versions for PHP 8.3.14 in dc83dee900

Gina Peter Banyard

Fix GH-16477 (Segmentation fault when calling debugInfo() after failed SplFileObject::constructor) in 9f5b5e34c3
Fix GH-16477 (Segmentation fault when calling debugInfo() after failed SplFileObject::constructor) in a19029fc8b
ext/gmp: Add behavioural tests for operator overloading in fe02fd5095
ext/gmp: Fix segfault when null is encountered on an overloaded operator in 5253647500

Ilija Tovilo

Fix array to string conversion warning emitted in optimizer in c5745f40a5
Skip shebang in cli-server router script in 06efe44c2e
Fix exception in assert() callback with bail enabled in b5c09b1a61
Fix segfault in zend_test_execute_internal() in 5c798415cd
Fix segfault on debug_backtrace() in _ZendTestFiber in 5955ce8987
Fix deprecation warnings in tests in 817d21ecc4
Fix uaf in SplDoublyLinkedList::offsetSet() in 8820a10360
Fix use-after-free in SplObjectStorage::setInfo() in 12c987fae2
Fix uaf in SplFixedArray::unset() in 7fe168d855
Fix propagation of ZEND_ACC_RETURN_REFERENCE for call trampoline in 8720063c4e
Fix handling of nested generator in zend_test observer in 69bcbdc3c5
Fix lineno in function redeclaration error in de7ef3fa66
Fix lineno for inheritance errors of early bound classes in 2d068c4f47
Backport CI fixes to security branches in 25c0993902
Fix icu dependency for macos build in e3de1a1a21
Backport nightly.yml and nightly_matrix.php to PHP-8.1 in 27e8860594
[CI] Backport usage of db service for 8.1 in 560a585117
Partial backport of e7462bf in ed041c3443
Remove -Werror for libmysql test on 8.1 only in 769947648e
Fix array going away during sorting in 2bdce61390
Postpone zend_array_sort() in ext-intl in 845cdbce67
Fix use-after-free in ArrayObject::unset() with destructor in 8910ac800d
Also fix same issue in ArrayObject::exchangeArray() in f7222bd2de
Add NEWS entry in 418f820f5d

Jakub Zelenka

Fix GHSA-c5f2-jwm7-mmq2: stream HTTP fulluri CRLF injection in ab16b79dfd
Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads in 70f9d6c428
Make MySQLnd protocol stmt test work on 32bit in 5580a382bd
Fix MySQLnd possible buffer over read in auth_protocol in 2a885e3dc8
Run labeler only in php/php-src repository in 7cf6791f6a
Update NEWS with security fixes info in 1234971aa9

Niels Dossche

Fix GH-16292: Segmentation fault in ext/xmlreader/php_xmlreader.c:1282 in 5c1249391b
Fix GH-16316: DOMXPath breaks when not initialized properly in 1d0fbdf449
Fix GH-16168: php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15 in e2e2b3ab62
Fix GH-16385: Unexpected null returned by session_set_cookie_params in 7cdd1302c3
Fix GH-16337: Use-after-free in SplHeap in a56ff4fec7
Add missing hierarchy checks to replaceChild in 3ed01d454d
Backport 0a39890c: Fix libxml2 2.12 build due to API breaks in fa6a0f80f6
Backport e2d97314: Backport deprecation warning ignores to unbreak CI in dbde99d875
Backport 4fe82131: Backport libxml2 2.13.2 fixes in GH-14816
Backport f74f9b07: Update libxml test for the directory field behaviour change in b78618750f
Backport 3ec5919e: Update error message for libxml 2.13 in 6199289b6e
Workaround deprecation warning in zend_test on 8.1 in 5bd04acfe9
Backport 061058a9: Test fixes for libxml2 2.12.0 in 14c107371c
Fix error message for newer libxml in 2c40762b4e
Fix GH-16318: Recursive array segfaults soap encoding in 6ff4a2d7a8
Fix GH-16409: Segfault in exif_thumbnail when not dealing with a real file in 3843f0ecfe
Fix GH-16397: Segmentation fault when comparing FFI object in GH-16401
Fix GH-16429: Segmentation fault (access null pointer) in SoapClient in d613c0ed30
Fix various document ref pointer mismanagements in 5cb38e9d24
Fix GH-16406: Assertion failure in ext/phar/phar.c:2808 in 6a8d0a054d
Fix GH-16473: dom_import_simplexml stub is wrong in 41af9335b7
Fix GH-16533: Segfault when adding attribute to parent that is not an element in a0a7361b64
Fix GH-16535: UAF when using document as a child in 51b642f2c9
Fix GH-16559: UBSan abort in ext/gd/libgd/gd_interpolation.c:1007 in e1e1e64a32
Fix GH-16588: UAF in Observer->serialize in 144d2ee29a
Fix GH-16591: Assertion error in shm_put_var in 992ac1c25a
Fix GH-16589: UAF in SplDoublyLinked->serialize() in 8f60309a78
Fix GH-16593: Assertion failure in DOM->replaceChild in d89dd28d3b
Fix GH-16595: Another UAF in DOM -> cloneNode in 9d8983c061
Fix GH-16604: Memory leaks in SPL constructors in 886a5287ca
Fix GH-16601: Memory leak in Reflection constructors in f0f666ba3f
Fix GH-16628: FPM logs are getting corrupted with this log statement in e643129bbb
Fix various memory leaks on error conditions in openssl_x509_parse() in 5ddb75660d
Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the dblib quoter causing OOB writes in e20734c704
Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the firebird quoter causing OOB writes in 2518ec1118
Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape in d0f0ff56b4
Fix GHSA-r977-prxv-hc43 in c105552413
Fix GHSA-4w77-75f9-2c8w in 434e74fa3d

Saki Takamachi

Backport 3237b8f4 in 8497400b23

Tim Düsterhus

curl: Prevent a CurlMultiHandle from holding onto a CurlHandle if add_handle fails in GH-16302