The PHP development team announces three new versions: 7.2.31, 7.3.18, 7.4.6. All versions has been released at May 14 and available immediately at their download page. For every releases, there are many improvements and bug fixes. All PHP users are encouraged to upgrade to this version.
But if you want to use precompiled one, you must wait for your distribution to provide it.
PHP 7.2.31 Changelog
- Core:
PHP 7.3.18 Changelog
- Core:
- Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048)
- Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048)
- Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant).
- Fixed bug #79477 (casting object into array creates references).
- Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
- Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository).
- DOM:
- Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
- FCGI:
- Fixed bug #79491 (Search for .user.ini extends up to root dir).
- MBString:
- Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
- OpenSSL:
- Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout).
- Phar:
- Fixed bug #79503 (Memory leak on duplicate metadata).
- SimpleXML:
- Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4).
- Standard:
- Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended).
PHP 7.4.6 Changelog
- Core:
- Fixed bug #78434 (Generator yields no items after valid() call).
- Fixed bug #79477 (casting object into array creates references).
- Fixed bug #79514 (Memory leaks while including unexistent file).
- Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
- Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository).
- Fixed bug #78875 (Long variables cause OOM and temp files are not cleaned).
- Fixed bug #78876 (Long variables cause OOM and temp files are not cleaned).
- DOM:
- Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
- EXIF:
- Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
- FCGI:
- Fixed bug #79491 (Search for .user.ini extends up to root dir).
- MBString:
- Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
- OpenSSL:
- Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout).
- PCRE:
- Upgraded to PCRE2 10.34.
- Phar:
- Fixed bug #79503 (Memory leak on duplicate metadata).
- SimpleXML:
- Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4).
- SPL:
- Standard: