Release Information
- Release Type
- Bug Fix Release
- Release Status
- Latest Release in 8.3
- Branch Status
- Supported
Latest release for PHP 8.3.
PHP 8.3 continues to receive bug fixes and security fixes until 2025-12-31.
Downloads
Source Code
Git Clone
Use Git to clone the 8.3.21 tag from the PHP Git repository.
git clone https://github.com/php/php-src.git --depth 1 --branch php-8.3.21
How to compile PHP
PHP can be compiled by setting up the dependencies, building the configure script (
Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
./buildconf
), configuring the build ./configure
, and running make
.Detailed articles on how to compile PHP are available for Ubuntu/Debian based systems and Fedora/RHEL based systems.
Windows binaries
Non-Thread Safe Builds
Non-Thread Safe (NTS) builds are single-threaded PHP builds. They can be used on web servers that integrate PHP over FastCGI protocol, such as Nginx, Caddy, and IIS.
php-8.3.21-x64NTS.zip (30.7 MiB)
php-8.3.21-x86NTS.zip (27.57 MiB)
Thread-Safe Builds
Thread-Safe (TS) builds are multi-thread PHP builds, often used to integrate PHP as a Server API for multithreaded servers. The most common use case is using PHP as an Apache module.
php-8.3.21-x64TS.zip (30.84 MiB)
php-8.3.21-x86TS.zip (27.55 MiB)
Docker/Podman Containers
PHP CLI
PHP CLI Containers images only include the PHP CLI, and no FPM or Apache modules. The Alpine builds are lightweight, but may introduce incompatibilities due to their musl builds. Albeit their larger size, the Debian-based (without the "-alpine" suffix) images are more complete, and widely used.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:8.3.21-cli-alpine
Debian-based: More compatible with other components, complete, and are widely used.
docker pull php:8.3.21-cli
PHP CLI + Web Server Integration
These container images include PHP CLI, and a web server integration. FPM container images can be integrated with web servers such as Nginx, Caddy, and Apache with Event MPM. The Apache container images include Apache web server, integrating PHP as an Apache module.
Alpine-based: Lightweight, but may introduce incompatibilities due to their musl builds.
docker pull php:8.3.21-fpm-alpine
Debian-based ZTS Apache: Includes Apache web server integrating PHP as an Apache module.
docker pull php:8.3.21-apache
Debian-based NTS FPM: PHP-FPM, can be integrated with Nginx, Caddy, and other web servers over Fast CGI.
docker pull php:8.3.21-fpm
ChangeLog
Core
- Fixed bug GH-18304 (Changing the properties of a DateInterval through dynamic properties triggers a SegFault).
- Fix some leaks in php_scandir.
Filter
- Fixed bug GH-18309 (ipv6 filter integer overflow).
GD
- Fixed
imagecrop()
overflow with rect argument with x/width y/heigh usage in gdImageCrop(). - Fixed GH-18243
imagettftext()
overflow/underflow on font size value.
Intl
- Fix reference support for
intltz_get_offset()
.
LDAP
- Fixed bug GH-17776 (LDAP_OPT_XTLS* options can't be overridden).
- Fix NULL deref on high modification key.
libxml
- Fixed custom external entity loader returning an invalid resource leading to a confusing TypeError message.
OpenSSL
- Fix memory leak in
openssl_sign()
when passing invalid algorithm. - Fix potential leaks when writing to BIO fails.
PDO Firebird
- Fixed GH-18276 - persistent connection - "
zend_mm_heap
corrupted" with setAttribute()
SPL
- Fixed bug GH-18322 (SplObjectStorage debug handler mismanages memory).
Standard
- Fixed bug GH-18145 (php8ts crashes in
php_clear_stat_cache()
). - Fixed bug GH-18209 (Use-after-free in
extract()
with EXTR_REFS). - Fixed bug GH-18212 (fseek with SEEK_CUR whence value and negative offset leads to negative stream position).
- Fix resource leak in
iptcembed()
on error.
Zip
- Fix uouv when handling empty options in
ZipArchive::addGlob()
. - Fix memory leak when handling a too long path in
ZipArchive::addGlob()
.
Commit List
David Carlier
ext/gd
: imagecrop rect argument overflow fixes in a1620048fb- Fix GH-18212: fseek with SEEK_CUR and negative offset crash on debug in 2e47442a6b
- Fixed GH-18243: imagettftext underflow/overflow on size argument in fe8dffef5d
Eric Mann
- Update versions for PHP 8.3.21 in 2d2a21057f
Gina Peter Banyard
ext/libxml
: Fixed custom external entity loader returning an invalid resource leading to a confusing TypeError message in 61f704f269
haszi
- Mark ob_start callback parameter nullable in 701f3a1af6
Ilija Tovilo
- Implement benchmark diff commit fallback in f994c2f1fa
- Use-after-free in
extract()
with EXTR_REFS in a21065e6eb
Jakub Zelenka
- Fix GH-18145: basic_globals_ctor initialization in 2197a490f7
Niels Dossche
- Add missing EXTENSIONS section to intl test in 13d51f895b
- Fix memory leak in
openssl_sign()
when passing invalid algorithm in 74720a22f3 - Fix
openssl_random_pseudo_bytes()
always setting strong_result to true in 0dc600c69a - Fix inverted call to
php_openssl_store_errors()
in 5e68671f88 - Fix resource leak in
iptcembed()
on error in 8a1f6711bf - Fix potential leaks when writing to BIO fails in 29f96fb1f1
- Fix GH-18304: Changing the properties of a DateInterval through dynamic properties triggers a SegFault in ba0853888d
- Fix GH-18309: ipv6 filter integer overflow in 8849a5336e
- Fix GH-18322: SplObjectStorage debug handler mismanages memory in 67503870ca
- Fix uouv when handling empty options in
ZipArchive::addGlob()
in 0a6326c6ac - Fix memory leak when handling a too long path in
ZipArchive::addGlob()
in 91c6c727d5 - Fix NULL deref on high modification key in c905d59106
- Fix reference support for
intltz_get_offset()
in bf4b470098 - Fix some leaks in
php_scandir
in 81d9a27c47
Remi Collet
- Fix GH-17776 LDAP_OPT_X_TLS_REQUIRE_CERT can't be overridden in 389de7c6bf
- NEWS for GH-17940 in 98fb27a577