PHP 8.3.29 has been officially released, introducing a series of bug fixes and enhancements that improve the overall functionality and security of the language. This update includes synchronization of Boost context files with version 1.86.0, enhancing integration and performance.
Key fixes in this release address several critical issues reported by developers. For example, the handling of SensitiveParameter has been improved to correctly manage named arguments in variadic parameters. A notable crash issue during userland stream_close() operations, particularly in 'use-after-destroy' scenarios, has also been resolved. Additional fixes target assertion failures in Bz2 streams and crash problems related to uninstantiable classes during date function calls.
From a security and stability perspective, the update resolves issues within various extensions, including the DOM extension where missing NUL byte checks in C14NFile() were corrected. The Fibers extension had a fix for an ASAN stack overflow error caused by small 'fiber.stack_size' values, and FTP connections have been stabilized to prevent overflow issues during timeout settings.
The GD extension also received attention, improving its handling of out-of-range values in imagegammacorrect and preventing crashes during image scaling with extreme height settings. Users working with internationalization can benefit from clearer error messages in the Spoofchecker class, which now accurately indicates undefined constants.
In addition to these, several other areas saw improvements:
- LibXML introduced deprecations for handling input buffers in newer versions.
- MbString fixed compilation errors affecting SLES15 and eliminated compile warnings regarding non-string types.
- MySQLnd resolved issues with specific IPv6 address formats breaking connections, and Opcache tackled a problem related to file cache under certain conditions.
- Packaging and file handling improvements included better management of references in SplFixedArray during unserialization and case-insensitivity in the Phar extension's stub reading.
Moreover, the update also addresses memory leaks in array_diff() and stack overflow issues in http_build_query due to deeply nested arrays. The XML extension now properly manages special characters in callback data, and the Zip component has been stabilized to ensure reliable performance during property checks and file reading.
Overall, PHP 8.3.29 marks a significant update that enhances the language's stability, security, and performance, addressing many user-reported issues and making it a more robust tool for developers.
As PHP continues to evolve, developers can expect future releases to build upon these improvements, focusing on enhancing performance and security while streamlining development processes. With each update, the PHP community remains dedicated to addressing user concerns and advancing the functionality of the language
Key fixes in this release address several critical issues reported by developers. For example, the handling of SensitiveParameter has been improved to correctly manage named arguments in variadic parameters. A notable crash issue during userland stream_close() operations, particularly in 'use-after-destroy' scenarios, has also been resolved. Additional fixes target assertion failures in Bz2 streams and crash problems related to uninstantiable classes during date function calls.
From a security and stability perspective, the update resolves issues within various extensions, including the DOM extension where missing NUL byte checks in C14NFile() were corrected. The Fibers extension had a fix for an ASAN stack overflow error caused by small 'fiber.stack_size' values, and FTP connections have been stabilized to prevent overflow issues during timeout settings.
The GD extension also received attention, improving its handling of out-of-range values in imagegammacorrect and preventing crashes during image scaling with extreme height settings. Users working with internationalization can benefit from clearer error messages in the Spoofchecker class, which now accurately indicates undefined constants.
In addition to these, several other areas saw improvements:
- LibXML introduced deprecations for handling input buffers in newer versions.
- MbString fixed compilation errors affecting SLES15 and eliminated compile warnings regarding non-string types.
- MySQLnd resolved issues with specific IPv6 address formats breaking connections, and Opcache tackled a problem related to file cache under certain conditions.
- Packaging and file handling improvements included better management of references in SplFixedArray during unserialization and case-insensitivity in the Phar extension's stub reading.
Moreover, the update also addresses memory leaks in array_diff() and stack overflow issues in http_build_query due to deeply nested arrays. The XML extension now properly manages special characters in callback data, and the Zip component has been stabilized to ensure reliable performance during property checks and file reading.
Overall, PHP 8.3.29 marks a significant update that enhances the language's stability, security, and performance, addressing many user-reported issues and making it a more robust tool for developers.
As PHP continues to evolve, developers can expect future releases to build upon these improvements, focusing on enhancing performance and security while streamlining development processes. With each update, the PHP community remains dedicated to addressing user concerns and advancing the functionality of the language
PHP 8.3.29 released
PHP 8.3.29 has been released with various bug fixes and improvements across multiple areas. The update includes syncing Boost context files with version 1.86.0, as well as fixing issues related to SensitiveParameter, userland stream_close() calls, and assertion failures in Bz2 streams. Additionally, the release addresses security and stability concerns in the DOM extension, Fibers, FTP, GD, internationalization, LibXML, MbString, MySQLnd, Opcache, and other areas, including packaging and file handling. The update also fixes leaks in array_diff(), stack overflows in http_build_query(), and null byte termination problems in dns_get_record(), among other issues.
