This Release is Outdated

The latest release of PHP 8.4 is PHP 8.4.22 . It is recommended to upgrade to the latest release.

PHP 8.4.20 Release Announcement

The PHP development team announces the immediate availability of PHP 8.4.20. This is a bug fix release.

All PHP 8.4 users are encouraged to upgrade to this version.

For source downloads of PHP 8.4.20 please visit our downloads page, Windows source and binaries can also be found there. The list of changes is recorded in the ChangeLog.

Source Code

PHP 8.4.20 (tar.gz)

sha256: a2def5d534d57c6a0236f2265de7537608af871900a4f7955eff463e9e38247d
PHP 8.4.20 (tar.bz2)

sha256: ce25d2610a5f9522ac8f53fbb7b8280b5c021991e9bd9137068c9c629d9ffb56
PHP 8.4.20 (tar.xz)

sha256: e454c6f7c89a42f41ebb06dc5c3578e8c8b5f1a3f0da6675665affab04e221f7

Change Log

bz2
- Fix truncation of total output size causing erroneous errors.
core
- Fixed bugs GH-20875, GH-20873, GH-20854 (Propagate IN_GET guard in get_property_ptr_ptr for lazy proxies).
dom
- Fixed bug GH-21486 (Dom\HTMLDocument parser mangles xml:space and xml:lang attributes).
ffi
- Fixed resource leak in FFI::cdef() onsymbol resolution failure.
gd
- Fixed bug GH-21431 (phpinfo() to display libJPEG 10.0 support).
opcache
- Fixed bug GH-20838 (JIT compiler produces wrong arithmetic results).
- Fixed bug GH-21267 (JIT tracing: infinite loop on FETCH_OBJ_R with IS_UNDEF property in polymorphic context).
- Fixed bug GH-21395 (uaf in jit).
openssl
- Fixed bug GH-21083 (Skip private_key_bits validation for EC/curve-based keys).
- Fix missing error propagation for BIO_printf() calls.
pcre
- Fixed re-entrancy issue on php_pcre_match_impl, php_pcre_replace_impl, php_pcre_split_impl, and php_pcre_grep_impl.
pgsql
- Fixed preprocessor silently guarding PGSQL_SUPPRESS_TIMESTAMPS support due to a typo.
snmp
- Fixed bug GH-21336 (SNMP::setSecurity() undefined behavior with NULL arguments).
soap
- Fixed Set-Cookie parsing bug wrong offset while scanning attributes.
spl
- Fixed bug GH-21454 (missing write lock validation in SplHeap).
standard
- Fixed bug GH-20906 (Assertion failure when messing up output buffers).
- Fixed bug GH-20627 (Cannot identify some avif images with getimagesize).
sysvshm
- Fix memory leak in shm_get_var() when variable is corrupted.
xsl
- Fix GH-21357 (XSLTProcessor works with DOMDocument, but fails with Dom\XMLDocument).
- Fixed bug GH-21496 (UAF in dom_objects_free_storage).