Author: Eric Mann (ericmann)
Date: 2024-04-11T07:47:22-07:00
Commit:
https://github.com/php/web-php/commit/db4cc533b36c6182811a4d62fc54480f3b269b5e
Raw diff:
https://github.com/php/web-php/commit/db4cc533b36c6182811a4d62fc54480f3b269b5e.diff
Announce PHP 8.3.6
Changed paths:
A archive/entries/2024-04-11-2.xml
A releases/8_3_6.php
M ChangeLog-8.php
M archive/archive.xml
M include/releases.inc
M include/version.inc
Diff:
diff --git a/ChangeLog-8.php b/ChangeLog-8.php
index 386cd9d324..77336974ef 100644
--- a/ChangeLog-8.php
+++ b/ChangeLog-8.php
@@ -8,6 +8,74 @@
?>
<a id="PHP_8_3"></a>
+<section class="version" id="8.3.6"><!-- {{{ 8.3.6 -->
+<h3>Version 8.3.6</h3>
+<b><?php release_date('11-Apr-2024'); ?></b>
+<ul><li>Core:
+<ul>
+ <li>Fixed <?php githubissuel('php/php-src', 13569); ?> (GC buffer
unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13612); ?> (Corrupted memory
in destructor with weak references).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13446); ?> (Restore
exception handler after it finishes).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13784); ?>
(AX_GCC_FUNC_ATTRIBUTE failure).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13670); ?> (GC does not
scale well with a lot of objects created in destructor).</li>
+</ul></li>
+<li>DOM:
+<ul>
+ <li>Add some missing ZPP checks.</li>
+ <li>Fix potential memory leak in XPath evaluation results.</li>
+</ul></li>
+<li>FPM:
+<ul>
+ <li>Fixed <?php githubissuel('php/php-src', 11086); ?> (FPM: config test
runs twice in daemonised mode).</li>
+ <li>Fix incorrect check in fpm_shm_free().</li>
+</ul></li>
+<li>GD:
+<ul>
+ <li>Fixed bug <?php githubissuel('php/php-src', 12019); ?> (add GDLIB_CFLAGS
in feature tests).</li>
+</ul></li>
+<li>Gettext:
+<ul>
+ <li>Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
with category set to LC_ALL.</li>
+</ul></li>
+<li>MySQLnd:
+<ul>
+ <li>Fix <?php githubissuel('php/php-src', 13452); ?> (Fixed handshake
response [mysqlnd]).</li>
+ <li>Fix incorrect charset length in check_mb_eucjpms().</li>
+</ul></li>
+<li>Opcache:
+<ul>
+ <li>Fixed <?php githubissuel('php/php-src', 13508); ?> (JITed QM_ASSIGN may
be optimized out when op1 is null).</li>
+ <li>Fixed <?php githubissuel('php/php-src', 13712); ?> (Segmentation fault
for enabled observers when calling trait method of internal trait when opcache
is loaded).</li>
+</ul></li>
+<li>Random:
+<ul>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13544); ?> (Pre-PHP 8.2
compatibility for mt_srand with unknown modes).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13690); ?> (Global Mt19937
is not properly reset in-between requests when MT_RAND_PHP is used).</li>
+</ul></li>
+<li>Session:
+<ul>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13680); ?> (Segfault with
session_decode and compilation error).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13685); ?> (Unexpected null
pointer in zend_string.h).</li>
+</ul></li>
+<li>Standard:
+<ul>
+ <li>Fixed bug <?php githubissuel('php/php-src', 11808); ?> (Live filesystem
modified by tests).</li>
+ <li>Fixed <?php githubissuel('php/php-src', 13402); ?> (Added validation of
`\n` in $additional_headers of mail()).</li>
+ <li>Fixed bug <?php githubissuel('php/php-src', 13203); ?>
(file_put_contents fail on strings over 4GB on Windows).</li>
+ <li>Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
parameter of proc_open). (CVE-2024-1874)</li>
+ <li>Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756)</li>
+ <li>Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return
true, opening ATO risk). (CVE-2024-3096)</li>
+ <li>Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for
some inputs). (CVE-2024-2757)</li>
+ <li>Fix bug <?php githubissuel('php/php-src', 13932); ?> (Attempt to fix
mbstring on windows build) (msvc).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
+
+
<section class="version" id="8.3.4"><!-- {{{ 8.3.4 -->
<h3>Version 8.3.4</h3>
<b><?php release_date('14-Mar-2024'); ?></b>
diff --git a/archive/archive.xml b/archive/archive.xml
index 652b8ee0e5..17908c8d95 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2024-04-11-2.xml"/>
<xi:include href="entries/2024-04-11-1.xml"/>
<xi:include href="entries/2024-03-22-1.xml"/>
<xi:include href="entries/2024-03-14-2.xml"/>
diff --git a/archive/entries/2024-04-11-2.xml b/archive/entries/2024-04-11-2.xml
new file mode 100644
index 0000000000..59e15e78ab
--- /dev/null
+++ b/archive/entries/2024-04-11-2.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 8.3.6 Released!</title>
+ <id>https://www.php.net/archive/2024.php#2024-04-11-2</id>
+ <published>2024-04-11T14:34:04+00:00</published>
+ <updated>2024-04-11T14:34:04+00:00</updated>
+ <link href="https://www.php.net/index.php#2024-04-11-2"; rel="alternate"
type="text/html"/>
+ <link href="https://www.php.net/archive/2024.php#2024-04-11-2"; rel="via"
type="text/html"/>
+ <category term="releases" label="New PHP release"/>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";><p>The PHP development team
announces the immediate availability of PHP 8.3.6. This is a security
release.</p>
+
+<p>All PHP 8.3 users are encouraged to upgrade to this version.</p>
+
+<p>For source downloads of PHP 8.3.6 please visit our <a
href="https://www.php.net/downloads.php";>downloads page</a>,
+Windows source and binaries can be found on <a
href="https://windows.php.net/download/";>windows.php.net/download/</a>.
+The list of changes is recorded in the <a
href="https://www.php.net/ChangeLog-8.php#8.3.6";>ChangeLog</a>.
+</p> </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 94df95bebe..1130df9659 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,6 +2,42 @@
$OLDRELEASES = array (
8 =>
array (
+ '8.3.4' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/8_3_4.php',
+ ),
+ 'tags' =>
+ array (
+ ),
+ 'date' => '14 Mar 2024',
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-8.3.4.tar.gz',
+ 'name' => 'PHP 8.3.4 (tar.gz)',
+ 'sha256' =>
'0e2801e47fb1b92d2743204fcf650ce2fcad1a13ef7a44fe05738101a383e4a2',
+ 'date' => '14 Mar 2024',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-8.3.4.tar.bz2',
+ 'name' => 'PHP 8.3.4 (tar.bz2)',
+ 'sha256' =>
'3c5caf18e0c0a243aaec913a39ecb092043195adde4c3fc42e945da5b9277695',
+ 'date' => '14 Mar 2024',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-8.3.4.tar.xz',
+ 'name' => 'PHP 8.3.4 (tar.xz)',
+ 'sha256' =>
'39a337036a546e5c28aea76cf424ac172db5156bd8a8fd85252e389409a5ba63',
+ 'date' => '14 Mar 2024',
+ ),
+ ),
+ 'museum' => false,
+ ),
'8.2.17' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index d0e0313efb..25e3261810 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -20,13 +20,13 @@ $RELEASES = (function () {
/* PHP 8.3 Release */
$data['8.3'] = [
- 'version' => '8.3.4',
- 'date' => '14 Mar 2024',
- 'tags' => [], // Set to ['security'] for security releases.
+ 'version' => '8.3.6',
+ 'date' => '11 Apr 2024',
+ 'tags' => ['security'], // Set to ['security'] for security releases.
'sha256' => [
- 'tar.gz' =>
'0e2801e47fb1b92d2743204fcf650ce2fcad1a13ef7a44fe05738101a383e4a2',
- 'tar.bz2' =>
'3c5caf18e0c0a243aaec913a39ecb092043195adde4c3fc42e945da5b9277695',
- 'tar.xz' =>
'39a337036a546e5c28aea76cf424ac172db5156bd8a8fd85252e389409a5ba63',
+ 'tar.gz' =>
'39695f5bd107892e36fd2ed6b3d3a78140fd4b05d556d6c6531a921633cacb5f',
+ 'tar.bz2' =>
'6324b1ddd8eb3025b041034b88dc2bc0b4819b0022129eeaeba37e47803108bc',
+ 'tar.xz' =>
'53c8386b2123af97626d3438b3e4058e0c5914cb74b048a6676c57ac647f5eae',
]
];
diff --git a/releases/8_3_6.php b/releases/8_3_6.php
new file mode 100644
index 0000000000..3814fdb07f
--- /dev/null
+++ b/releases/8_3_6.php
@@ -0,0 +1,16 @@
+<?php
+$_SERVER['BASE_PAGE'] = 'releases/8_3_6.php';
+include_once __DIR__ . '/../include/prepend.inc';
+site_header('PHP 8.3.6 Release Announcement');
+?>
+<h1>PHP 8.3.6 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP 8.3.6.
This is a security release.</p>
+
+<p>All PHP 8.3 users are encouraged to upgrade to this version.</p>
+
+<p>For source downloads of PHP 8.3.6 please visit our <a
href="https://www.php.net/downloads.php";>downloads page</a>,
+Windows source and binaries can be found on <a
href="https://windows.php.net/download/";>windows.php.net/download/</a>.
+The list of changes is recorded in the <a
href="https://www.php.net/ChangeLog-8.php#8.3.6";>ChangeLog</a>.
+</p>
+<?php site_footer();
