PHP 8.3.26 RC1 released

Software 43918 Published by

PHP 8.3.26 release candidate has been announced by Jakub Zelenka, addressing various bugs and issues reported by the community. The release includes fixes for critical core bugs, such as repeated file inclusion warnings and integer overflows, as well as enhancements to CLI error messages and internationalization functionality. Additionally, several library-specific issues have been resolved, including memory leaks in Phar archive handling, UAF errors in Standard PHP library functions, and incorrect calls in Streams metadata handling.



PHP 8.3.26 Release Candidate

Jakub Zelenka has announced the release of the first PHP 8.3.26 release candidate, which addresses various bugs and issues reported by the community.

Screenshot_from_2025_05_20_10_30_02

Release Highlights:

  • Core Improvements
    The core team has fixed several critical bugs, including:

    • Repeated inclusion of files with __halt_compiler() now correctly handles "Constant already defined" warnings.
    • Scanning of string literals exceeding 2GB no longer fails due to signed integer overflow.
    • Weak references are properly handled by the garbage collector.
    • Stale array iterator pointers have been fixed, preventing potential crashes.

  • CLI Enhancements
    The CLI team has improved error messages for IPv6 address listening errors, providing more informative output.

  • Date and Time Fixes
    date_sunrise() and date_sunset() now correctly handle partial-hour UTC offsets, ensuring accurate calculations.

  • DOM Bug Fix
    A bug in libxml2 tree dictionaries has been mitigated to prevent potential crashes.

  • FPM Stability Improvements
    Failed debug assertions when setting php_admin_value have been fixed, enhancing FPM's stability.

  • GD Graphics Library Fixes
    imagefilledellipse() now handles width arguments correctly, preventing underflow errors.

  • Internationalization and Localization Updates
    Locale strings are properly canonicalized for IntlDateFormatter and NumberFormatter, ensuring correct formatting.

  • OpenSSL Security Enhancements
    Success error messages on TLS stream accept failures have been improved, providing more accurate output.

  • PGSQL Database Driver Fixes
    Potential use-after-free errors when using persistent pgsql connections have been addressed, improving connection reliability.

  • Phar Archive File System Improvements
    Memory leaks in OpenSSL signature verification and phar tar temporary file error handling have been fixed. Metadata leaks during failed phar convert logic have also been resolved.

  • Standard PHP Library Fixes
    UAF (Use After Free) errors during array_splice() operations have been fixed, enhancing array manipulation safety. Integer overflows in LimitIterator when using small offsets and PHP_INT_MAX have been avoided, preventing potential crashes.

  • Streams Improvements
    An incorrect call to zval_ptr_dtor() has been removed from user_wrapper_metadata(), improving metadata handling.

  • Tidy HTML Parser Fixes
    A build issue with libtidy related to tidyOptIsReadonly deprecation and TidyInternalCategory availability has been resolved.

  • Zip Archive System Improvements
    Memory leaks in zip when encountering empty glob results have been fixed, enhancing zip handling stability.

php-8.3.26RC1

Tag for php-8.3.26RC1

Release php-8.3.26RC1 · php/php-src

QEMU security update for Debian

Liquorix Kernel 6.16-5 Now Available for Enhanced System Performance

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...