This Release is Outdated

The latest release of PHP 8.4 is PHP 8.4.22 . It is recommended to upgrade to the latest release.

PHP 8.4.12 Release Announcement

The PHP development team announces the immediate availability of PHP 8.4.12. This is a bug fix release.

All PHP 8.4 users are encouraged to upgrade to this version.

For source downloads of PHP 8.4.12 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

Source Code

PHP 8.4.12 (tar.gz)

sha256: 4963b0d3a6ca8a391317d1b80309c2cfdebf4318b131ff8e7d19e3ab79da9104
PHP 8.4.12 (tar.bz2)

sha256: 2ebd5382eb090d603087da649ed21de64b079616bc9a02abbc532b89b17e3468
PHP 8.4.12 (tar.xz)

sha256: c1b7978cbb5054eed6c749bde4444afc16a3f2268101fb70a7d5d9b1083b12ad

Change Log

core
- Fixed GH-19169 build issue with C++17 and ZEND_STATIC_ASSERT macro.
- Fixed bug GH-19053 (Duplicate property slot with hooks and interface property).
- Fixed bug GH-19044 (Protected properties are not scoped according to their prototype).
- Fixed bug GH-18581 (Coerce numeric string keys from iterators when argument unpacking).
- Fixed OSS-Fuzz #434346548 (Failed assertion with throwing __toString in binary const expr).
- Fixed bug GH-19305 (Operands may be being released during comparison).
- Fixed bug GH-19303 (Unpacking empty packed array into uninitialized array causes assertion failure).
- Fixed bug GH-19306 (Generator can be resumed while fetching next value from delegated Generator).
- Fixed bug GH-19326 (Calling Generator::throw() on a running generator with a non-Generator delegate crashes).
- Fixed bug GH-19280 (Stale array iterator position on rehashing).
- Fixed bug GH-18736 (Circumvented type check with return by ref + finally).
- Fixed bug GH-19065 (Long match statement can segfault compiler during recursive SSA renaming).
calendar
- Fixed bug GH-19371 (integer overflow in calendar.c).
ftp
- Fix theoretical issues with hrtime() not being available.
gd
- Fix incorrect comparison with result of php_stream_can_cast().
hash
- Fix crash on clone failure.
intl
- Fix memleak on failure in collator_get_sort_key().
- Fix return value on failure for resourcebundle count handler.
ldap
- Fixed bug GH-18529 (additional inheriting of TLS int options).
libxml
- Fixed bug GH-19098 (libxml<2.13 segmentation fault caused by php_libxml_node_free).
mbstring
- Fixed bug GH-19397 (mb_list_encodings() can cause crashes on shutdown).
opcache
- Reset global pointers to prevent use-after-free in zend_jit_status().
- Fix issue with JIT restart and hooks.
- Fix crash with dynamic function defs in hooks during preload.
openssl
- Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file() return value check).
- Fix error return check of EVP_CIPHER_CTX_ctrl().
- Fixed bug GH-19428 (openssl_pkey_derive segfaults for DH derive with low key_length param).
pdo pgsql
- Fixed dangling pointer access on _pdo_pgsql_trim_message helper.
soap
- Fixed bug GH-18640 (heap-use-after-free ext/soap/php_encoding.c:299:32 in soap_check_zval_ref).
sockets
- Fix some potential crashes on incorrect argument value.
standard
- Fixed OSS Fuzz #433303828 (Leak in failed unserialize() with opcache).
- Fix theoretical issues with hrtime() not being available.
- Fixed bug GH-19300 (Nested array_multisort invocation with error breaks).
windows
- Free opened_path when opened_path_len >= MAXPATHLEN.