PHP version 8.4.1
Community dropped some extensions from the PHP main sources, extensions are now built from PECL sources, therefore the packaging changes on Linux and IBM i:
RPM packages rebuilt and re-released 25 Nov 2024 as 8.4.1-1.
Fixed apache libphp and litespeed SAPI build options. Original release was built as ZTS, new build is fixed to be NTS. All loadable extensions are built as non-thread-safe, therefore sapi modules built as ZTS cannot use NTS extension modules.
PHP version 8.3.14, 8.2.26, 8.1.31 CVE fixes
LDAP
ldap_escape. (CVE-2024-8932)MySQLnd
PDO DBLIB
dblib quoter causing OOB writes. (CVE-2024-11236)PDO Firebird
firebird quoter causing OOB writes. (CVE-2024-11236)Streams
convert.quoted-printable-decode filter. (CVE-2024-11233)PHP version 7.2.34.21, 7.3.33.13, 7.4.33.8, 8.0.30.4 CVE fixes
CLI
sapi_read_post_data
Processing in CLI SAPI Interface.LDAP
ldap_escape. (CVE-2024-8932)MySQLnd
PDO DBLIB
dblib quoter causing OOB writes. (CVE-2024-11236)PDO Firebird
firebird quoter causing OOB writes. (CVE-2024-11236)Streams
convert.quoted-printable-decode filter. (CVE-2024-11233)PHP version 8.4.1 changes
BcMath
Core
EG(strtod_state).freelist leaks with opcache.preload.EG(strtod_state).freelist leaks with opcache.preload.zend_std_read_property.ReflectionProperty::isLazy().Curl
CURLOPT_BINARYTRANSFER constant.feature_list key to the curl_version() return value.CURL_HTTP_VERSION_3 (libcurl 7.66) and CURL_HTTP_VERSION_3ONLY (libcurl 7.88) as options for CURLOPT_HTTP_VERSION.CURLOPT_TCP_KEEPCNT to set the number of probes to send before dropping the connection.CURLOPT_PREREQFUNCTION Curl option to set a custom callback after the connection is established but before the request is performed.CURLOPT_SERVER_RESPONSE_TIMEOUT, which was formerly known as CURLOPT_FTP_RESPONSE_TIMEOUT.CURLOPT_DNS_USE_GLOBAL_CACHE option is now silently ignored.CURLOPT_DEBUGFUNCTION as a Curl option.curl_setopt* CURLOPT_WRITEFUNCTION without null callback.CURLMOPT_PUSHFUNCTION issues.Date
DateTime[Immutable]::createFromTimestamp.DateTime[Immutable]::[get|set]Microsecond.SUNFUNCS_RET_TIMESTAMP, SUNFUNCS_RET_STRING, and SUNFUNCS_RET_DOUBLE are now deprecated.DatePeriod not taking into account microseconds for end date.DBA
null or false to dba_key_split() is deprecated.Debugging
BaseException.DOM
DOMNode::compareDocumentPosition()
DOMNode::C14N() on large XML documents.DOMElement->prefix with empty string creating bogus prefix.DOMXPath::quote() static method.getElementById does not correctly work with duplicate definitions.(DOM)ParentNode and (DOM)ChildNode.DOM_PHP_ERR constant.DOMImplementation::getFeature().Element::$substitutedNodeValue test failed.ext/dom/html5_serializer.c.DOMElement consumes 4 times more memory in PHP 8.1 than in PHP 8.0.xmlns="" serialization should be allowed.ext/dom/element.c.Dom\Node::__construct causes assertion failure.DOMNode->getElementByTagName.Fileinfo
libmagic 5.45.ext/fileinfo.FPM
flush().FPM_BACKLOG_DEFAULT to SOMAXCONN./dev/poll events.mechanism for Solaris/Illumos setting has been retired.FTP
inet_ntoa call support.GD
imagecolorset().imagepng, imagejpeg, imagewep, and imageavif now throw an exception on invalid quality parameter.imagescale and imagefilter.gdImageClone to bundled libgd.Gettext
bind_textdomain_codeset, textdomain, and d(*)gettext functions now throw an exception on empty domain.GMP
GMP class is now final and cannot be extended anymore.Hash
hash_update() to true.HashContext::__debugInfo().IMAP
Intl
IntlDateFormatter::PATTERN constant.Numberformatter::__construct when the locale is invalid, now throws an exception.NumberFormatter::ROUND_TOWARD_ZERO and ::ROUND_AWAY_FROM_ZERO as aliases for ::ROUND_DOWN and ::ROUND_UP.NumberFormatter::ROUND_HALFODD.PROPERTY_IDS_UNARY_OPERATOR, PROPERTY_ID_COMPAT_MATH_START, and PROPERTY_ID_COMPAT_MATH_CONTINUE constants.IntlDateFormatter::getIanaID/intltz_get_iana_id method/function.resourcebundle_get(), ResourceBundle::get(), and accessing offsets on a ResourceBundle object now throw:
TypeError for invalid offset types.ValueError for an empty string.ValueError if the integer index does not fit in a signed 32-bit integer.ResourceBundle::get() now has a tentative return type of: ResourceBundle|array|string|int|null.grapheme_str_split.IntlDateFormatter::parseToCalendar.SpoofChecker::setAllowedChars to set Unicode character ranges.LDAP
LDAP_OPT_X_TLS_PROTOCOL_MAX/LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 constants.LibXML
LIBXML_RECOVER constant.libxml_set_streams_context() now throws immediately on an invalid context instead of at the use site.LIBXML_NO_XXE constant.MBString
mb_trim, mb_ltrim, and mb_rtrim.mb_ucfirst and mb_lcfirst.mb_detect_encoding(): Argument $encodings contains invalid encoding "UTF8".Mysqli
mysqli_ping() function and mysqli::ping() method are now deprecated, as the reconnect feature was removed in PHP 8.2.mysqli_kill() function and mysqli::kill() method are now deprecated. If this functionality is needed, a SQL "KILL" command can be used instead.mysqli_refresh() function and mysqli::refresh() method are now deprecated. If this functionality is needed, a SQL "FLUSH" command can be used instead.$mode parameter to mysqli_store_result() has been deprecated.MYSQLI_STORE_RESULT_COPY_DATA constant was only used in conjunction with this function, it has also been deprecated.MySQLnd
Opcache
opcache.interned_strings_buffer to 32767 on 64-bit architectures.zend_jit.c.zend_cfg.c causes segfault.min function fails on typed integer.dasm_x86.h.opcache_jit_blacklist() function.Zend/zend_operators.c.OpenSSL
extraattribs parameter.openssl_csr_new allows multiple values in DN.serial_hex parameter to openssl_csr_sign.X509_PURPOSE_OCSP_HELPER and X509_PURPOSE_TIMESTAMP_SIGN constants.--with-openssl-legacy-provider to enable legacy provider.openssl_x509_parse should not allow omitted seconds in UTC times.PASSWORD_ARGON2 from OpenSSL 3.2.Output
url_rewriter.hosts not used by output_add_rewrite_var().PCNTL
pcntl_setns for Linux.pcntl_getcpuaffinity/pcntl_setcpuaffinity.pcntl_get_signal_handler signal ID upper limit to be more in line with platform limits.pcntl_getcpu for Linux/FreeBSD/Solaris/Illumos.pcntl_getqos_class/pcntl_setqos_class for macOS.SIGCKPT/SIGCKPTEXIT constants for DragonFlyBSD.SIGTRAP handling to pcntl_siginfo_to_zval.pcntl_waitid.pcntl_sigwaitinfo aborts on signal value as reference.PCRE
pcre2lib to version 10.43./r modifier.pcre2lib to version 10.44.PDO
setAttribute and getAttribute.pdo_* extensions.mysqlnd supports ER_CLIENT_INTERACTION_TIMEOUT.php_pdo_int.h is no longer installed; it is not supposed to be used by PDO drivers."Pdo\Mysql object is uninitialized" when opening a persistent connection.PDO_DBLIB
setAttribute and getAttribute.Pdo\DbLib.PDO_Firebird
setAttribute and getAttribute.pdo_firebird.Pdo\Firebird.Pdo\Firebird::ATTR_API_VERSION.getApiVersion() and removed it from getAttribute().PDO_MYSQL
setAttribute and getAttribute.Pdo\Mysql.PDO_MySQL not properly quoting PDO_PARAM_LOB binary data.PDO_ODBC
Pdo\Odbc.PDO_PGSQL
user/password PDO constructor arguments.pdo_pgsql query results.Pdo\Pgsql.Pdo\Pgsql::setNoticeCallBack method to receive DB notices.Pdo\Pgsql::setNoticeCallback().PQclosePrepared when available instead of the DEALLOCATE command to free statement resources.PGSQL_ATTR_RESULT_MEMORY_SIZE constant as it is provided by the new PDO subclass as Pdo\Pgsql::ATTR_RESULT_MEMORY_SIZE.PDO_SQLITE
Pdo\Sqlite.PDO::inTransaction reports false when in a transaction.PHPDBG
phpdbg.PGSQL
pg_select.PGSQL_CONNECT_FORCE_RENEW flag.pg_result_memory_size to get the query result memory usage.pg_change_password to alter a user's password.pg_put_copy_data/pg_put_copy_end to send COPY commands and signal the end of the COPY.pg_socket_poll to poll on the connection.pg_jit to get information on server JIT support.pg_set_chunked_rows_size to fetch results per chunk.pg_convert/pg_insert/pg_update/pg_delete: Regular expressions are now cached.Phar
POSIX
PSpell
Random
Readline
Reflection
ReflectionGenerator::getFunction() legal after generator termination.ReflectionGenerator::isClosed().ReflectionProperty::get{Hook,Hooks}() on dynamic properties.ReflectionProperty::isInitialized() is incorrect for hooked properties.ReflectionProperty::hasHook[s]() methods.ReflectionProperty::isFinal() method.ReflectionFunction::getNamespaceName() and ReflectionFunction::inNamespace() for closures is incorrect.ReflectionProperty::IS_VIRTUAL.ReflectionClass::resetAsLazyGhost().Session
session.sid_length and session.sid_bits_per_character are now deprecated.session.gc_divisor and negative values of session.gc_probability.session_encode().SimpleXML
simplexml_import_dom().SNMP
inet_ntoa call support.SOAP
setPersistence().SoapClient::__getLastResponseHeaders returns NULL if WSDL operation has no output.DateTime not converted to xsd:datetime.SoapServer::addFunction() is now deprecated. If all PHP functions need to be provided, flatten the array returned by get_defined_functions().SOAP_FUNCTIONS_ALL constant is now deprecated.SoapServer::__getLastResponse().Sockets
inet_ntoa call support.SO_EXCLUSIVEADDRUSE windows constant.SOCK_CONN_DGRAM/SOCK_DCCP NetBSD constants.TCP_SYNCNT constant for Linux to set the number of attempts to send SYN packets from the client.SO_EXCLBIND constant for exclusive socket binding on illumos/Solaris.socket_create_listen backlog argument default value to SOMAXCONN.SO_NOSIGPIPE constant to control the generation of SIGPIPE for macOS and FreeBSD.SO_LINGER_SEC for macOS, true equivalent of SO_LINGER in other platforms.closeonexec on socket created with socket_accept on Unix.IP_PORTRANGE* constants for BSD systems to control ephemeral port ranges.SOCK_NONBLOCK/SOCK_CLOEXEC constants for socket_create and socket_create_pair to apply O_NONBLOCK/O_CLOEXEC flags to newly created sockets.SO_BINDTOIFINDEX to bind a socket to an interface index.Sodium
SPL
SeekableIterator for SplObjectStorage.SplFixedArray::__wakeup() method has been deprecated as it implements __serialize() and __unserialize() which need to be overwritten instead.$escape parameter of SplFileObject::setCsvControl(), SplFileObject::fputcsv(), SplFileObject::fgetcsv() is now deprecated.Standard
phpinfo().round() result for 0.49999999999999994.round(): Validate the rounding mode.strcspn() odd behavior with NUL bytes and empty mask.inet_ntoa call support.number_format so the precision is not lost.round() function.debug_zval_dump() now indicates whether an array is packed.round.long2ip to string from string|false.round can handle by one digit.http_get_last_response_headers() and http_clear_last_response_headers() that allows retrieving the same content as the magic $http_response_header variable.php_base64_encode_ex() API.array_find(), array_find_key(), array_all(), and array_any().highlight_string() and print_r() return type to string|true.request_parse_body() options array.RoundingMode enum.crc32 auxiliary detection on OpenBSD.$escape parameter of fputcsv(), fgetcsv(), str_getcsv() is now deprecated.str_getcsv() function now throws ValueErrors when the $separator and $enclosure arguments are not one byte long, or if the $escape is not one byte long or the empty string. This aligns the behavior to be identical to that of fputcsv() and fgetcsv().php_uname() now throws ValueErrors on invalid inputs.allowed_classes option for unserialize() now throws TypeErrors and ValueErrors if it is not an array of class names.proc_open error reporting on Windows.http_build_query().array_find when references are involved.fpow() to be identical to pow().Streams
Tidy
tidyNode::getNextSibling() and tidyNode::getPreviousSibling().Windows
php.exe.GREP_HEADER() is broken.XML
XML_OPTION_PARSE_HUGE parser option.xml_get_current_byte_index limited to 32bit numbers on 64bit builds.xml_set_object() function has been deprecated.xml_set_*_handler() functions is now deprecated.XMLReader
XMLReader::fromStream(), XMLReader::fromUri(), XMLReader::fromString().var_dump doesn't actually work on XMLReader.XMLWriter
XMLWriter::toStream(), XMLWriter::toUri(), XMLWriter::toMemory().XSL
XSLTProcessor::setParameter() should allow both quotes to be used.XSLTProcessor::$maxTemplateDepth and XSLTProcessor::$maxTemplateVars.Zip
PHP version 8.3.14 fixes
CLI
cli-server started through shebang.sapi_read_post_data Processing in CLI SAPI Interface.COM
SafeArray data.Core
php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15.Zend/zend_weakrefs.c:646.ZEND_ACC_RETURN_REFERENCE for call trampoline.Curl
CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails.Date
date_sunset() with tiny $utcOffset.date_sun_info() fails for non-finite values.DBA
dba_open() can segfault for "pathless" streams.DOM
DOMXPath breaks when not initialized properly.replaceChild.ext/dom/node.c.dom_import_simplexml stub is wrong.DOM->replaceChild.DOM -> cloneNode.EXIF
exif_thumbnail when not dealing with a real file.FFI
FFI object.Filter
FILTER_FLAG_HOSTNAME accepts ending hyphen.FPM
FPM logs are getting corrupted with this log statement.GD
imageaffine overflow on matrix elements.libavif return values.ext/gd/libgd/gd_interpolation.c:1007.GMP
gmp_pow when using large exposant values.gmp_export() can cause overflow.gmp_random_bits() can cause overflow.gmp_pow() overflow bug with large base/exponents.GMP objects.MBstring
mb_substr overflow on start/length arguments.Opcache
OpenSSL
openssl may modify member types of certificate arrays.openssl_csr_sign() $days overflow.openssl_x509_parse().PDO ODBC
PDO_ODBC can inject garbage into field values.Phar
ext/phar/phar.c:2808.PHPDBG
ev.Reflection
Session
session_set_cookie_params.cookie_lifetime ini value.SOAP
SoapClient.Sockets
socket_recvfrom $length argument.SPL
SplHeap.SplDoublyLinkedList::offsetSet().SplObjectStorage::setInfo().SplFixedArray::unset().Observer->serialize.__debugInfo() after failed SplFileObject::__constructor.SplDoublyLinked->serialize().SplObjectIterator instance.ArrayObject::unset() and ArrayObject::exchangeArray().Standard
assert() callback with bail enabled.SysVMsg
msg_send() crashes when a type does not properly serialize.SysVShm
shm_put_var.XMLReader
ext/xmlreader/php_xmlreader.c.Zlib
PHP version 8.2.26 fixes
CLI
cli-server started through shebang.sapi_read_post_data Processing in CLI SAPI Interface.COM
SafeArray data.Core
php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15.Zend/zend_weakrefs.c:646.ZEND_ACC_RETURN_REFERENCE for call trampoline.Curl
CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails.Date
date_sunset() with tiny $utcOffset.date_sun_info() fails for non-finite values.DBA
dba_open() can segfault for "pathless" streams.DOM
DOMXPath breaks when not initialized properly.dom_import_simplexml stub is wrong.DOM->replaceChild.DOM -> cloneNode.EXIF
exif_thumbnail when not dealing with a real file.FFI
FFI object.Filter
FILTER_FLAG_HOSTNAME accepts ending hyphen.FPM
FPM logs are getting corrupted with this log statement.GD
imageaffine overflow on matrix elements.libavif return values.ext/gd/libgd/gd_interpolation.c:1007.GMP
gmp_pow when using large exposant values.gmp_export() can cause overflow.gmp_random_bits() can cause overflow.gmp_pow() overflow bug with large base/exponents.GMP objects.MBstring
mb_substr overflow on start/length arguments.OpenSSL
openssl may modify member types of certificate arrays.openssl_csr_sign() $days overflow.openssl_x509_parse().PDO ODBC
PDO_ODBC can inject garbage into field values.Phar
ext/phar/phar.c:2808.PHPDBG
ev.Reflection
Session
session_set_cookie_params.cookie_lifetime ini value.SOAP
SoapClient.Sockets
socket_recvfrom $length argument.SPL
SplHeap.SplDoublyLinkedList::offsetSet().SplObjectStorage::setInfo().SplFixedArray::unset().Observer->serialize.__debugInfo() after failed SplFileObject::__constructor.SplDoublyLinked->serialize().SplObjectIterator instance.ArrayObject::unset() and ArrayObject::exchangeArray().Standard
assert() callback with bail enabled.SysVMsg
msg_send() crashes when a type does not properly serialize.SysVShm
shm_put_var.XMLReader
ext/xmlreader/php_xmlreader.c.Zlib
PHP version 8.1.31 fixes
sapi_read_post_data Processing in CLI SAPI Interface.PHP version 8.4.5, 8.3.19 CVE fixes
Core
php_request_shutdown causes Use-After-Free. (CVE-2024-11235)LibXML
libxml streams use wrong content-type header when requesting a redirected resource. (CVE-2025-1219)Streams
http stream wrapper does not handle folded headers. (CVE-2025-1217)PHP version 8.2.28, 8.1.32 CVE fixes
LibXML
libxml streams use wrong content-type header when requesting a redirected resource. (CVE-2025-1219)Streams
http stream wrapper does not handle folded headers. (CVE-2025-1217)PHP version 8.4.5 changes
BCMath
bcmul memory leak.Core
UnhandledMatchError does not take zend.exception_ignore_args=1 into account.fast_long_{add,sub}_function.__callStatic is allowed.ReflectionProperty::getRawValue() and related methods may call hooks of overridden properties.zend_mm_heap corrupted error after upgrading from 8.4.3 to 8.4.4.DOM
Dom\NO_DEFAULT_NS instead of Dom\HTML_NO_DEFAULT_NS.\Dom\HTMLDocument querySelector attribute name is case sensitive in HTML.xinclude destroys live node.Dom\Node with Dom\XPath callbacks.GD
imagescale with both width and height negative values triggers only an Exception on width.FFI
FFI Parsing of Pointer Declaration Lists.FPM
FPM with httpd ProxyPass encoded PATH_INFO env.GD
imagepalettetotruecolor crash with memory_limit=2M.LDAP
ldap_search fails when $attributes contains a non-packed array with numerical keys.LibXML
MBString
mb_convert_variables.Opcache
JIT crash.JIT packed type guard crash.FETCH_OBJ_R breaks JIT.cases() method on preloaded enum.JIT on 8.4.4.PDO_SQLite
()::getColumnMeta() on unexecuted statement segfaults.setAuthorizer().pdo_sqlite callback registration.Phar
PharFileInfo refcount bug.PHPDBG
phpdbg lexer.phpdbg calling registered function.Reflection
ext/reflection/php_reflection.c.Standard
stat cache clearing inconsistent between file:// paths and plain paths.Streams
realloc with size 0 in user_filters.c._php_stream_scandir().Windows
phpize for Windows 11 (24H2).CURL_STATICLIB flag set even if linked with shared lib.Zlib
zlib extension incorrectly handles object arguments.zlib support for large files.PHP version 8.3.19 changes
BCMath
bcmul memory leak.Core
UnhandledMatchError does not take zend.exception_ignore_args=1 into account.fast_long_{add,sub}_function.__callStatic is allowed.zend_test_compile_string crash on invalid script path.DOM
xinclude destroys live node.FFI
FFI Parsing of Pointer Declaration Lists.FPM
FPM with httpd ProxyPass encoded PATH_INFO env.GD
imagepalettetotruecolor crash with memory_limit=2M.LDAP
ldap_search fails when $attributes contains a non-packed array with numerical keys.LibXML
MBString
mb_convert_variables.Opcache
JIT crash.JIT packed type guard crash.zend_test_compile_string with invalid path when opcache is enabled.JIT.PDO_SQLite
()::getColumnMeta() on unexecuted statement segfaults.setAuthorizer().Phar
PharFileInfo refcount bug.PHPDBG
Reflection
Standard
Streams
Windows
Zlib
PHP version 8.2.28 changes
Core
LibXML
Windows
PHP version 8.1.32 changes
LibXML
Windows
PHP version 8.4.3 changes
BcMath
0 and -0
Number::round() does not remove trailing zerosCore
get_iterator pointer for hooked classes in shm on WindowsZEND_MATCH_ERROR misoptimizationzend_array_try_init() with dtor can cause engine UAFAST->string does not reproduce constructor property promotion correctlyDBA
inifile is disabledDOM
DOM memory leakDom\TokenList issues with interned string replaceimportNode
Embed
embed portableFFI
FFI header parser chokes on commentsZEND_FFI_TYPE_CHAR conversion failureFileinfo
FPM
FPM: ERROR: scoreboard: failed to lock (already locked)
bug64539-status-json-encoding.phpt fail on 32-bitsGD
nan value in ext/gd/libgd/gd_filter.c
libgd bug 276: Sometimes pixels are missing when storing images as BMPs
Gettext
ext/gettext/gettext.c bindtextdomain()
Iconv
iconv filter failureLDAP
ldap_search() fails when $attributes array has holesLibXML
libxml encoding handlingMBString
Opcache
opcache_get_configuration() properly reports jit_prof_threshold
ZEND_FETCH_DIM_FUNC_ARG
op1 of FETCH_OBJ and INIT_METHOD_CALL
SCCP causes segfaultUBSAN warning in ext/opcache/jit/zend_jit_vm_helpers.c
PCNTL
pcntl_exec() when a non-stringable value is encountered past the first entryPgSql
pg_fetch_result shows incorrect ArgumentCountError message when called with 1 argumentArgumentCountError for calls with flexible number of argumentsPhar
ext/phar/phar.c
SimpleXML
SimpleXML's unset can break DOM objectsSimpleXML crash when using autovivification on documentSockets
socket_strerror overflow handling with INT_MIN
SO_LINGER values setting, strengthening values check on SO_SNDTIMEO/SO_RCVTIMEO for socket_set_option()
SPL
SplFixedArray assertion failure with get_object_vars
NULL deref in spl_directory.c
Streams
fopen HTTP wrapper timeout valueglob:// wrapper doesn't cater to CWD for ZTS buildsWindows
proc_open() against cmd.exe hijackingXML
zend_hash
PHP version 8.3.16 changes
Core
ZEND_MATCH_ERROR misoptimizationzend_array_try_init() with dtor can cause engine UAFAST->string does not reproduce constructor property promotion correctlydl()
Date
DatePeriod::__construct() overflow on recurrencesDBA
inifile is disabledDOM
importNode
Embed
embed portableFFI
FFI header parser chokes on commentsZEND_FFI_TYPE_CHAR conversion failureFilter
FPM
FPM: ERROR: scoreboard: failed to lock (already locked)
bug64539-status-json-encoding.phpt fail on 32-bitsGD
nan value in ext/gd/libgd/gd_filter.c
libgd bug 276: Sometimes pixels are missing when storing images as BMPs
Gettext
ext/gettext/gettext.c bindtextdomain()
Iconv
iconv filter failureLDAP
ldap_search() fails when $attributes array has holesLibXML
libxml encoding handlingMBString
Opcache
opcache_get_configuration() properly reports jit_prof_threshold
SCCP causes segfaultPCNTL
pcntl_exec() when a non-stringable value is encountered past the first entryPgSql
pg_fetch_result shows incorrect ArgumentCountError message when called with 1 argumentArgumentCountError for calls with flexible number of argumentsPhar
ext/phar/phar.c
SimpleXML
SimpleXML's unset can break DOM objectsSimpleXML crash when using autovivification on documentSockets
socket_strerror overflow handling with INT_MIN
SO_LINGER values setting, strengthening values check on SO_SNDTIMEO/SO_RCVTIMEO for socket_set_option()
SPL
NULL deref in spl_directory.c
Streams
fopen HTTP wrapper timeout valueglob:// wrapper doesn't cater to CWD for ZTS buildsWindows
proc_open() against cmd.exe hijackingXML
zend_hash
PHP version 8.4.4 changes
Core
ini_parse_quantity() fails to parse inputs starting with 0x0b
ini_parse_quantity() fails to emit warning for 0x+0
__PROPERTY__ magic constant does not work in all constant expression contextsfinal+private warning for trait methods with inherited finalNULL arithmetic during system program execution on WindowsZend/zend_exceptions.c
may_have_extra_named_args flag for ZEND_AST_UNPACK
NULL arithmetic in System V shared memory emulation for Windows#[\Deprecated] does not work for __call() and __callStatic()
DOM
ext/dom/php_dom.c
Dom\HTMLDocument::createFromString
Dom\HTMLDocument
nodeName on nameless doctypeDom\HTMLDocument
getElementsByTagName returns collections with tagName-based indexingEnchant
enchant when passing null bytesFTP
ftp functions can abort with EINTR
GD
imagefttext() ignores clipping rect for palette imageslibgd 223: gdImageRotateGeneric() does not properly interpolateGIFs without colormap to bundled libgd
Gettext
bindtextdomain SEGV on invalid domainIntl
intl causing segfault in docker imagesOpcache
ext/opcache/jit/zend_jit_ir.c:8940
PCNTL
pcntl_setcpuaffinity exception type from ValueError to TypeError for the cpu mask argument with entries type different than int/string
PCRE
regex
PDO
PDOStatement
PDO Firebird Statement destructorctor argsPgSql
PGRES_TUPLES_CHUNK is not present in the systemPhar
phar extractTo()
PHPDBG
Session
SID constantext/session NULL pointer dereferencement during ID resetSimpleXML
Zend/zend_hash.c:1730
SNMP
SNMP::setSecurity segfault on closed sessionSPL
ext/spl/spl_array.c
SplFileTempObject::getPathInfo() Undefined behavior on invalid classStandard
Windows
clang compiler detectionZip
zip_entry_name() crash on invalid entryPHP version 8.3.17 changes
Core
ini_parse_quantity() fails to parse inputs starting with 0x0b
ini_parse_quantity() fails to emit warning for 0x+0
final+private warning for trait methods with inherited finalNULL arithmetic during system program execution on WindowsZend/zend_exceptions.c
may_have_extra_named_args flag for ZEND_AST_UNPACK
NULL arithmetic in System V shared memory emulation for WindowsDOM
nodeName on nameless doctypeEnchant
enchant when passing null bytesFTP
ftp functions can abort with EINTR
GD
imagefttext() ignores clipping rect for palette imageslibgd 223: gdImageRotateGeneric() does not properly interpolateIntl
intl causing segfault in docker imagesUConverter::transcode always emit E_WARNING on invalid encodingOpcache
PDO
PDOStatement
PDO Firebird Statement destructorctor argsPhar
phar extractTo()
PHPDBG
Session
SID constantext/session NULL pointer dereferencement during ID resetSimpleXML
Zend/zend_hash.c:1730
SNMP
SNMP::setSecurity segfault on closed sessionSPL
SplTempFileObject::ftruncate with negative valueZip
zip_entry_name() crash on invalid entryPHP version 8.0.30.5, 7.4.33.9, 7.3.33.15 and 7.2.34.23 changes
PHP version 7.3.33.14 and 7.2.34.22 changes
PHP version 8.3.6, 8.2.18, 8.1.28, 8.0.30.1, 7.4.33.5, 7.3.33.10, 7.2.34.18
IBM i PHP error log is stored as /www/zendphp/logs/php_errors.log by default for new installations
Windows build:
PHP versions 8.3.6, 8.2.18, 8.1.28
Debian and Ubuntu packages
PHP version 8.3.6 fixes
Core
GC_MAX_BUF_SIZE when scanning WeakMaps.AX_GCC_FUNC_ATTRIBUTE failure.DOM
XPath evaluation results.FPM
fpm_shm_free().GD
GDLIB_CFLAGS in feature tests.Gettext
sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL.MySQLnd
check_mb_eucjpms().Opcache
QM_ASSIGN may be optimized out when op1 is null.Random
mt_srand with unknown modes.Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used.Session
session_decode and compilation error.SPL
zend_string.h.Standard
\n in $additional_headers of mail().file_put_contents fail on strings over 4GB on Windows.mbstring on windows build (msvc).PHP version 8.2.18 fixes
Core
AX_GCC_FUNC_ATTRIBUTE failure.DOM
XPath evaluation results.phpdoc for DOMDocument load methods.FPM
fpm_shm_free().GD
GDLIB_CFLAGS in feature tests.Gettext
sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL.MySQLnd
check_mb_eucjpms().Opcache
QM_ASSIGN may be optimized out when op1 is null.PDO
Random
mt_srand with unknown modes.Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used.Session
session_decode and compilation error.Sockets
socket_getsockname returns random characters in the end of the socket name.SPL
SplfixedArray after being unserialized in PHP 8.2.15.zend_string.h.Standard
\n in $additional_headers of mail().file_put_contents fail on strings over 4GB on Windows.XML
--with-expat.PHP version 8.3.6, 8.2.18, 8.1.28 CVE fixes
$command parameter of proc_open. (CVE-2024-1874)__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix. (CVE-2024-2756)password_verify can erroneously return true, opening ATO risk. (CVE-2024-3096)PHP version 8.3.6 CVE fixes
mb_encode_mimeheader runs endlessly for some inputs. (CVE-2024-2757)PHP version 7.2.34.18, 7.3.33.10, 7.4.33.5, 8.0.30.1 CVE fixes
__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix. (CVE-2024-2756)password_verify can erroneously return true, opening ATO risk. (CVE-2024-3096)PHP version 7.4.33.5, 8.0.30.1 CVE fixes
$command parameter of proc_open. (CVE-2024-1874)PHP version 8.4.2 changes
BcMath
COM
DISPATCH variant segfaultsCore
setRawValueWithoutLazyInitialization() and skipLazyInitialization() may change initialized proxyis_zend_ptr() huge block comparisonzend_dirname() on Windowsprintf() can strip sign of -INF
Curl
curl mime handlingDBA
dba_list() is now zero-indexed instead of using resource idsDOM
FPM
GMP
array_sum() with GMP can lose precision (LLP64)Opcache
JIT_G(enabled) not set correctly on other threadsopcache tests fail zts+aarch64
call_level
SAPI
rfc1867
PHPDBG
phpdbg_clear()
Standard
UNDEF propertiesarray_shift with self-referencing arrayStreams
Windows
PHP version 8.3.15 changes
Calendar
jdtogregorian overflowcal_to_jd julian_days argument overflowCOM
DISPATCH variant segfaultsCore
Zend/zend_vm_execute.h:7469
is_zend_ptr() huge block comparisonzend_dirname() on WindowsCurl
open_basedir bypass using curl extensioncurl mime handlingDOM
DOM object after it is in a document causes UAFFPM
fpm_get_status
GD
imagecreatefromstring overflowGMP
array_sum() with GMP can lose precision (LLP64)Hash
mhash()
Opcache
UNDEF
JIT_G(enabled) not set correctly on other threadsopcache tests fail zts+aarch64
OpenSSL
openssl exportsphp_openssl_pkey_from_zval()
PDO
setFetchMode()
Phar
phar:// tar parser and zero-length file header blocksPHPDBG
phpdbg_clear()
SAPI
rfc1867
SimpleXML
RecursiveIteratorIterator->current() with an XML element inputSOAP
ext/soap
Standard
UNDEF propertiesarray_shift with self-referencing arrayStreams
Windows
PHP version 8.2.27 changes
Calendar
jdtogregorian overflowcal_to_jd julian_days argument overflowCOM
DISPATCH variant segfaultsCore
Zend/zend_vm_execute.h:7469
is_zend_ptr() huge block comparisonzend_dirname() on WindowsCurl
curl mime handlingFPM
fpm_get_status
GD
imagecreatefromstring overflowGMP
gmp_pow() overly restrictive overflow checksHash
mhash()
Opcache
UNDEF
JIT_G(enabled) not set correctly on other threadsopcache tests fail zts+aarch64
OpenSSL
openssl exportsphp_openssl_pkey_from_zval()
PDO
setFetchMode()
Phar
phar:// tar parser and zero-length file header blocksPHPDBG
phpdbg_clear()
SAPI
rfc1867
SimpleXML
RecursiveIteratorIterator->current() with an XML element inputSNMP
snmget modifies the object_id arrayStandard
UNDEF propertiesStreams
Windows
PHP version 8.3.7 fixes
Core
zend_call_stack build with Linux/uclibc-ng without thread support.execute_data->opline pointers in observer fcall handlers when JIT is enabled.Zend/zend_opcode.c.filename and lineno are identified incorrectly.void keyword.Fibers
copy().Fileinfo
ext/fileinfo/tests/bug78987.phpt on big-endian PPC.FPM
Intl
MySQLnd
Opcache
zend_class_init_statics when using opcache.preload.OpenSSL
PDO SQLite
agg_context->val correctly.Phar
zend_hash.c.EVP_SignInit.PHPDBG
zval in phpdbg_frame.Posix
ext/posix.Session
ps_files in ext/session/mod_files.c.ini_set with session.trans_sid_hosts.Streams
file_get_contents() on Windows fails with "errno=22 Invalid argument".PHP_STREAM_OPTION_CHECK_LIVENESS case in ext/openssl/xp_ssl.c - causing use of dead socket.Treewide
Wcalloc-transposed-args warnings.PHP version 8.2.19 fixes
Core
execute_data->opline pointers in observer fcall handlers when JIT is enabled.Zend/zend_opcode.c.filename and lineno are identified incorrectly.void keyword.Fibers
copy().FPM
Intl
MySQLnd
Opcache
OpenSSL
PDO SQLite
agg_context->val correctly.Phar
zend_hash.c.EVP_SignInit.PHPDBG
zval in phpdbg_frame.Posix
ext/posix.Session
ps_files in ext/session/mod_files.c.ini_set with session.trans_sid_hosts.Streams
file_get_contents() on Windows fails with "errno=22 Invalid argument".PHP_STREAM_OPTION_CHECK_LIVENESS case in ext/openssl/xp_ssl.c - causing use of dead socket.Treewide
Wcalloc-transposed-args warnings.