PHP 8.3.19: Downloads, Changelog, News

Release Information

Release
8.3.19
PHP Version
PHP 8.3
Release Date
Release Type
Security Update
Release Status
Latest Release in 8.3
Branch Status
Supported

Latest release for PHP 8.3. This release contains security fixes, and it is recommended to update as soon as possible.
PHP 8.3 continues to receive bug fixes and security fixes until 2025-12-31.

Downloads

Source Code

Git Clone
Use Git to clone the 8.3.19 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-8.3.19
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (./buildconf), configuring the build ./configure, and running make.
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.

Windows binaries

Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.

Docker/Podman Containers

PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:8.3.19-cli-alpine

Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:8.3.19-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.

Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:8.3.19-fpm-alpine

Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:8.3.19-apache

Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:8.3.19-fpm

ChangeLog

BCMath

  • Fixed bug GH-17398 (bcmul memory leak).

Core

  • Fixed bug GH-17623 (Broken stack overflow detection for variable compilation).
  • Fixed bug GH-17618 (UnhandledMatchError does not take zend.exception_ignore_args=1 into account).
  • Fix fallback paths in fastlong{add,sub}_function.
  • Fixed bug GH-17718 (Calling static methods on an interface that has __callStatic is allowed).
  • Fixed bug GH-17797 (zend_test_compile_string crash on invalid script path).
  • Fixed GHSA-rwp7-7vc6-8477 (Reference counting in php_request_shutdown causes Use-After-Free). (CVE-2024-11235)

DOM

  • Fixed bug GH-17847 (xinclude destroys live node).

FFI

  • Fix FFI Parsing of Pointer Declaration Lists.

FPM

  • Fixed bug GH-17643 (FPM with httpd ProxyPass encoded PATH_INFO env).

GD

  • Fixed bug GH-17772 (imagepalettetotruecolor crash with memory_limit=2M).

LDAP

  • Fixed bug GH-17704 (ldap_search fails when $attributes contains a non-packed array with numerical keys).

LibXML

MBString

  • Fixed bug GH-17503 (Undefined float conversion in mb_convert_variables).

Opcache

  • Fixed bug GH-17654 (Multiple classes using same trait causes function JIT crash).
  • Fixed bug GH-17577 (JIT packed type guard crash).
  • Fixed bug GH-17899 (zend_test_compile_string with invalid path when opcache is enabled).
  • Fixed bug GH-17868 (Cannot allocate memory with tracing JIT).

PDO_SQLite

  • Fixed GH-17837 ()::getColumnMeta() on unexecuted statement segfaults).
  • Fix cycle leak in sqlite3 setAuthorizer().

Phar

  • Fixed bug GH-17808: PharFileInfo refcount bug.

PHPDBG

  • Partially fixed bug GH-17387 (Trivial crash in phpdbg lexer).
  • Fix memory leak in phpdbg calling registered function.

Reflection

  • Fixed bug GH-15902 (Core dumped in ext/reflection/php_reflection.c).

Sockets

  • Fixed bug GH-17921 (socket_read/socket_recv overflow on buffer size).

Standard

  • Fixed bug #72666 (stat cache clearing inconsistent between file:// paths and plain paths).

Streams

Windows

  • Fixed phpize for Windows 11 (24H2).
  • Fixed GH-17855 (CURL_STATICLIB flag set even if linked with shared lib).

Zlib

  • Fixed bug GH-17745 (zlib extension incorrectly handles object arguments).
  • Fix memory leak when encoding check fails.
  • Fix zlib support for large files.

Commit List

Eric Mann

Niels Dossche

  • Fix branch target in zend_jit_push_call_frame() in fdeadcd9ba
Subscribe to PHP.Watch newsletter for monthly updates

You will receive an email on last Wednesday of every month and on major PHP releases with new articles related to PHP, upcoming changes, new features and what's changing in the language. No marketing emails, no selling of your contacts, no click-tracking, and one-click instant unsubscribe from any email you receive.

Support PHP.Watch — If you find the articles, version information, Codex, and other PHP.Watch contributions useful, consider supporting through GitHub Sponsors. Your sponsorship helps dedicate more time to creating valuable content and improving the PHP community. Together, we can keep the momentum going — thank you for your support!

Thanks to the highest tier sponsor: @TomasVotruba for your generous support to keep PHP.Watch moving 💜