- version update to 8.3.11
Core:
Fixed bug GH-15020 (Memory leak in Zend/Optimizer/escape_analysis.c).
Fixed bug GH-15023 (Memory leak in Zend/zend_ini.c).
Fixed bug GH-13330 (Append -Wno-implicit-fallthrough flag conditionally).
Fix uninitialized memory in network.c.
Fixed bug GH-15108 (Segfault when destroying generator during shutdown).
Fixed bug GH-15275 (Crash during GC of suspended generator delegate).
Curl:
Fixed case when curl_error returns an empty string.
DOM:
Fix UAF when removing doctype and using foreach iteration.
FFI:
Fixed bug GH-14286 (ffi enum type (when enum has no name) make memory leak).
Hash:
Fix crash when converting array data for array in shm in xxh3.
Intl:
Fixed bug GH-15087 (IntlChar::foldCase()'s $option is not optional).
Opcache:
Fixed bug GH-13817 (Segmentation fault for enabled observers after pass 4).
Fixed bug GH-13775 (Memory leak possibly related to opcache SHM placement).
Output:
Fixed bug GH-15179 (Segmentation fault (null pointer dereference) in ext/standard/url_scanner_ex.re).
PDO_Firebird:
Fix bogus fallthrough path in firebird_handle_get_attribute().
PHPDBG:
Fixed bug GH-13199 (EOF emits redundant prompt in phpdbg local console mode with libedit/readline).
Fixed bug GH-15268 (heap buffer overflow in phpdbg (zend_hash_num_elements() Zend/zend_hash.h)).
Fixed bug GH-15210 use-after-free on watchpoint allocations.
Soap:
OBS-URL: https://build.opensuse.org/request/show/1197730
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/php8?expand=0&rev=73
- version update to 8.3.9
Core:
Fixed bug GH-14315 (Incompatible pointer type warnings).
Fixed bug GH-12814 (max_execution_time reached too early on MacOS 14 when running on Apple Silicon).
Fixed bug GH-14387 (Crash when stack walking in destructor of yielded from values during Generator->throw()).
Fixed bug GH-14456 (Attempting to initialize class with private constructor calls destructor).
Fixed bug GH-14510 (memleak due to missing pthread_attr_destroy()-call).
Fixed bug GH-14549 (Incompatible function pointer type for fclose).
BCMatch:
Fixed bug (bcpowmod() with mod = -1 returns 1 when it must be 0).
Curl:
Fixed bug GH-14307 (Test curl_basic_024 fails with curl 8.8.0).
DOM:
Fixed bug GH-14343 (Memory leak in xml and dom).
FPM:
Fixed bug GH-14037 (PHP-FPM ping.path and ping.response config vars are ignored in status pool).
GD:
Fix parameter numbers for imagecolorset().
Intl:
Fix reference handling in SpoofChecker.
MySQLnd:
Partially fix bug GH-10599 (Apache crash on Windows when using a self-referencing anonymous function inside a class with an active mysqli connection).
Opcache:
Fixed bug GH-14267 (opcache.jit=off does not allow enabling JIT at runtime).
Fixed TLS access in JIT on FreeBSD/amd64.
Fixed bug GH-11188 (Error when building TSRM in ARM64).
PDO ODBC:
Fixed bug GH-14367 (incompatible SDWORD type with iODBC).
PHPDBG:
Fixed bug GH-13681 (segfault on watchpoint addition failure).
OBS-URL: https://build.opensuse.org/request/show/1186042
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/php8?expand=0&rev=71
- version update to 8.3.8 [bsc#1226073]
CGI:
Fixed buffer limit on Windows, replacing read call usage by _read.
Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection in PHP-CGI). (CVE-2024-4577)
CLI:
Fixed bug GH-14189 (PHP Interactive shell input state incorrectly handles quoted heredoc literals.).
Core:
Fixed bug GH-13970 (Incorrect validation of #[Attribute] flags type for non-compile-time expressions).
DOM:
Fix crashes when entity declaration is removed while still having entity references.
Fix references not handled correctly in C14N.
Fix crash when calling childNodes next() when iterator is exhausted.
Fix crash in ParentNode::append() when dealing with a fragment containing text nodes.
Filter:
Fixed bug GHSA-w8qr-v226-r27w (Filter bypass in filter_var FILTER_VALIDATE_URL). (CVE-2024-5458)
FPM:
Fix bug GH-14175 (Show decimal number instead of scientific notation in systemd status).
Hash:
ext/hash: Swap the checking order of `__has_builtin` and `__GNUC__` (Saki Takamachi)
Intl:
Fixed build regression on systems without C++17 compilers.
MySQLnd:
Fix bug GH-14255 (mysqli_fetch_assoc reports error from nested query).
Opcache:
Fixed bug GH-14109 (Fix accidental persisting of internal class constant in shm).
OpenSSL:
The openssl_private_decrypt function in PHP and Marvin attack.
Standard:
Fixed bug GHSA-9fcc-425m-g385 (Bypass of CVE-2024-1874). (CVE-2024-5585)
XML:
OBS-URL: https://build.opensuse.org/request/show/1179157
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/php8?expand=0&rev=68
- version update to 8.3.7
Core:
Fixed zend_call_stack build with Linux/uclibc-ng without thread support.
Fixed bug GH-13772 (Invalid execute_data->opline pointers in observer fcall handlers when JIT is enabled).
Fixed bug GH-13931 (Applying zero offset to null pointer in Zend/zend_opcode.c).
Fixed bug GH-13942 (Align the behavior of zend-max-execution-timers with other timeout implementations).
Fixed bug GH-14003 (Broken cleanup of unfinished calls with callable convert parameters).
Fixed bug GH-14013 (Erroneous dnl appended in configure).
Fixed bug GH-10232 (If autoloading occurs during constant resolution filename and lineno are identified incorrectly).
Fixed bug GH-13727 (Missing void keyword).
Fibers:
Fixed bug GH-13903 (ASAN false positive underflow when executing copy()).
Fileinfo:
Fixed bug GH-13795 (Test failing in ext/fileinfo/tests/bug78987.phpt on big-endian PPC).
FPM:
Fixed bug GH-13563 (Setting bool values via env in FPM config fails).
Intl:
Fixed build for icu 74 and onwards.
MySQLnd:
Fix shift out of bounds on 32-bit non-fast-path platforms.
Opcache:
Fixed bug GH-13433 (Segmentation Fault in zend_class_init_statics when using opcache.preload).
Fixed incorrect assumptions across compilation units for static calls.
OpenSSL:
Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely).
PDO SQLite:
Fix GH-13984 (Buffer size is now checked before memcmp).
Fix GH-13998 (Manage refcount of agg_context->val correctly).
Phar:
Fixed bug GH-13836 (Renaming a file in a Phar to an already existing filename causes a NULL pointer dereference).
OBS-URL: https://build.opensuse.org/request/show/1172959
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/php8?expand=0&rev=67
- version update to 8.3.6
Core:
Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps).
Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
Fixed bug GH-13446 (Restore exception handler after it finishes).
Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure).
Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor).
DOM:
Add some missing ZPP checks.
Fix potential memory leak in XPath evaluation results.
FPM:
Fixed GH-11086 (FPM: config test runs twice in daemonised mode).
Fix incorrect check in fpm_shm_free().
GD:
Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests).
Gettext:
Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL.
MySQLnd:
Fix GH-13452 (Fixed handshake response [mysqlnd]).
Fix incorrect charset length in check_mb_eucjpms().
Opcache:
Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded).
Random:
Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes).
Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used).
Session:
Fixed bug GH-13680 (Segfault with session_decode and compilation error).
SPL:
Fixed bug GH-13685 (Unexpected null pointer in zend_string.h).
OBS-URL: https://build.opensuse.org/request/show/1167767
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/php8?expand=0&rev=66
- version update to 8.3.4
- version update to 8.3.3
* A bugfix release.
- version update to 8.3.2
- version update to 8.3.1
https://www.php.net/ChangeLog-8.php#8.3.1
- version update to 8.3.0
* https://www.php.net/releases/8.3/en.php
* Typed class constants
* Dynamic class constant fetch
* New #[\Override] attribute
* Deep-cloning of readonly properties
* New json_validate() function
* New Randomizer::getBytesFromString() method
* New Randomizer::getFloat() and Randomizer::nextFloat() methods
* New DOMElement::getAttributeNames(),
DOMElement::insertAdjacentElement(),
DOMElement::insertAdjacentText(),
DOMElement::toggleAttribute(),
DOMNode::contains(), DOMNode::getRootNode(),
DOMNode::isEqualNode(), DOMNameSpaceNode::contains(), and
DOMParentNode::replaceChildren() methods.
* New IntlCalendar::setDate(),
IntlCalendar::setDateTime(),
IntlGregorianCalendar::createFromDate(), and
IntlGregorianCalendar::createFromDateTime() methods.
* New ldap_connect_wallet(), and ldap_exop_sync() functions.
* New mb_str_pad() function.
* New posix_sysconf(), posix_pathconf(), posix_fpathconf(),
OBS-URL: https://build.opensuse.org/request/show/1164955
OBS-URL: https://build.opensuse.org/package/show/devel:languages:php/php8?expand=0&rev=151
