Author: Eric Mann (ericmann) Date: 2024-04-11T07:47:22-07:00 Commit: https://github.com/php/web-php/commit/db4cc533b36c6182811a4d62fc54480f3b269b5e Raw diff: https://github.com/php/web-php/commit/db4cc533b36c6182811a4d62fc54480f3b269b5e.diff
Announce PHP 8.3.6 Changed paths: A archive/entries/2024-04-11-2.xml A releases/8_3_6.php M ChangeLog-8.php M archive/archive.xml M include/releases.inc M include/version.inc Diff: diff --git a/ChangeLog-8.php b/ChangeLog-8.php index 386cd9d324..77336974ef 100644 --- a/ChangeLog-8.php +++ b/ChangeLog-8.php @@ -8,6 +8,74 @@ ?> <a id="PHP_8_3"></a> +<section class="version" id="8.3.6"><!-- {{{ 8.3.6 --> +<h3>Version 8.3.6</h3> +<b><?php release_date('11-Apr-2024'); ?></b> +<ul><li>Core: +<ul> + <li>Fixed <?php githubissuel('php/php-src', 13569); ?> (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13612); ?> (Corrupted memory in destructor with weak references).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13446); ?> (Restore exception handler after it finishes).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13784); ?> (AX_GCC_FUNC_ATTRIBUTE failure).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13670); ?> (GC does not scale well with a lot of objects created in destructor).</li> +</ul></li> +<li>DOM: +<ul> + <li>Add some missing ZPP checks.</li> + <li>Fix potential memory leak in XPath evaluation results.</li> +</ul></li> +<li>FPM: +<ul> + <li>Fixed <?php githubissuel('php/php-src', 11086); ?> (FPM: config test runs twice in daemonised mode).</li> + <li>Fix incorrect check in fpm_shm_free().</li> +</ul></li> +<li>GD: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 12019); ?> (add GDLIB_CFLAGS in feature tests).</li> +</ul></li> +<li>Gettext: +<ul> + <li>Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL.</li> +</ul></li> +<li>MySQLnd: +<ul> + <li>Fix <?php githubissuel('php/php-src', 13452); ?> (Fixed handshake response [mysqlnd]).</li> + <li>Fix incorrect charset length in check_mb_eucjpms().</li> +</ul></li> +<li>Opcache: +<ul> + <li>Fixed <?php githubissuel('php/php-src', 13508); ?> (JITed QM_ASSIGN may be optimized out when op1 is null).</li> + <li>Fixed <?php githubissuel('php/php-src', 13712); ?> (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded).</li> +</ul></li> +<li>Random: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 13544); ?> (Pre-PHP 8.2 compatibility for mt_srand with unknown modes).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13690); ?> (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used).</li> +</ul></li> +<li>Session: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 13680); ?> (Segfault with session_decode and compilation error).</li> +</ul></li> +<li>SPL: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 13685); ?> (Unexpected null pointer in zend_string.h).</li> +</ul></li> +<li>Standard: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 11808); ?> (Live filesystem modified by tests).</li> + <li>Fixed <?php githubissuel('php/php-src', 13402); ?> (Added validation of `\n` in $additional_headers of mail()).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 13203); ?> (file_put_contents fail on strings over 4GB on Windows).</li> + <li>Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874)</li> + <li>Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756)</li> + <li>Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096)</li> + <li>Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some inputs). (CVE-2024-2757)</li> + <li>Fix bug <?php githubissuel('php/php-src', 13932); ?> (Attempt to fix mbstring on windows build) (msvc).</li> +</ul></li> +</ul> +<!-- }}} --></section> + + + <section class="version" id="8.3.4"><!-- {{{ 8.3.4 --> <h3>Version 8.3.4</h3> <b><?php release_date('14-Mar-2024'); ?></b> diff --git a/archive/archive.xml b/archive/archive.xml index 652b8ee0e5..17908c8d95 100644 --- a/archive/archive.xml +++ b/archive/archive.xml @@ -9,6 +9,7 @@ <uri>http://php.net/contact</uri> <email>php-webmaster@lists.php.net</email> </author> + <xi:include href="entries/2024-04-11-2.xml"/> <xi:include href="entries/2024-04-11-1.xml"/> <xi:include href="entries/2024-03-22-1.xml"/> <xi:include href="entries/2024-03-14-2.xml"/> diff --git a/archive/entries/2024-04-11-2.xml b/archive/entries/2024-04-11-2.xml new file mode 100644 index 0000000000..59e15e78ab --- /dev/null +++ b/archive/entries/2024-04-11-2.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="utf-8"?> +<entry xmlns="http://www.w3.org/2005/Atom"> + <title>PHP 8.3.6 Released!</title> + <id>https://www.php.net/archive/2024.php#2024-04-11-2</id> + <published>2024-04-11T14:34:04+00:00</published> + <updated>2024-04-11T14:34:04+00:00</updated> + <link href="https://www.php.net/index.php#2024-04-11-2" rel="alternate" type="text/html"/> + <link href="https://www.php.net/archive/2024.php#2024-04-11-2" rel="via" type="text/html"/> + <category term="releases" label="New PHP release"/> + <category term="frontpage" label="PHP.net frontpage news"/> + <content type="xhtml"> + <div xmlns="http://www.w3.org/1999/xhtml"><p>The PHP development team announces the immediate availability of PHP 8.3.6. This is a security release.</p> + +<p>All PHP 8.3 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 8.3.6 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-8.php#8.3.6">ChangeLog</a>. +</p> </div> + </content> +</entry> diff --git a/include/releases.inc b/include/releases.inc index 94df95bebe..1130df9659 100644 --- a/include/releases.inc +++ b/include/releases.inc @@ -2,6 +2,42 @@ $OLDRELEASES = array ( 8 => array ( + '8.3.4' => + array ( + 'announcement' => + array ( + 'English' => '/releases/8_3_4.php', + ), + 'tags' => + array ( + ), + 'date' => '14 Mar 2024', + 'source' => + array ( + 0 => + array ( + 'filename' => 'php-8.3.4.tar.gz', + 'name' => 'PHP 8.3.4 (tar.gz)', + 'sha256' => '0e2801e47fb1b92d2743204fcf650ce2fcad1a13ef7a44fe05738101a383e4a2', + 'date' => '14 Mar 2024', + ), + 1 => + array ( + 'filename' => 'php-8.3.4.tar.bz2', + 'name' => 'PHP 8.3.4 (tar.bz2)', + 'sha256' => '3c5caf18e0c0a243aaec913a39ecb092043195adde4c3fc42e945da5b9277695', + 'date' => '14 Mar 2024', + ), + 2 => + array ( + 'filename' => 'php-8.3.4.tar.xz', + 'name' => 'PHP 8.3.4 (tar.xz)', + 'sha256' => '39a337036a546e5c28aea76cf424ac172db5156bd8a8fd85252e389409a5ba63', + 'date' => '14 Mar 2024', + ), + ), + 'museum' => false, + ), '8.2.17' => array ( 'announcement' => diff --git a/include/version.inc b/include/version.inc index d0e0313efb..25e3261810 100644 --- a/include/version.inc +++ b/include/version.inc @@ -20,13 +20,13 @@ $RELEASES = (function () { /* PHP 8.3 Release */ $data['8.3'] = [ - 'version' => '8.3.4', - 'date' => '14 Mar 2024', - 'tags' => [], // Set to ['security'] for security releases. + 'version' => '8.3.6', + 'date' => '11 Apr 2024', + 'tags' => ['security'], // Set to ['security'] for security releases. 'sha256' => [ - 'tar.gz' => '0e2801e47fb1b92d2743204fcf650ce2fcad1a13ef7a44fe05738101a383e4a2', - 'tar.bz2' => '3c5caf18e0c0a243aaec913a39ecb092043195adde4c3fc42e945da5b9277695', - 'tar.xz' => '39a337036a546e5c28aea76cf424ac172db5156bd8a8fd85252e389409a5ba63', + 'tar.gz' => '39695f5bd107892e36fd2ed6b3d3a78140fd4b05d556d6c6531a921633cacb5f', + 'tar.bz2' => '6324b1ddd8eb3025b041034b88dc2bc0b4819b0022129eeaeba37e47803108bc', + 'tar.xz' => '53c8386b2123af97626d3438b3e4058e0c5914cb74b048a6676c57ac647f5eae', ] ]; diff --git a/releases/8_3_6.php b/releases/8_3_6.php new file mode 100644 index 0000000000..3814fdb07f --- /dev/null +++ b/releases/8_3_6.php @@ -0,0 +1,16 @@ +<?php +$_SERVER['BASE_PAGE'] = 'releases/8_3_6.php'; +include_once __DIR__ . '/../include/prepend.inc'; +site_header('PHP 8.3.6 Release Announcement'); +?> +<h1>PHP 8.3.6 Release Announcement</h1> + +<p>The PHP development team announces the immediate availability of PHP 8.3.6. This is a security release.</p> + +<p>All PHP 8.3 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 8.3.6 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-8.php#8.3.6">ChangeLog</a>. +</p> +<?php site_footer();