Key issues that have been addressed in this release include:
- Core Bugs: Resolved multiple core issues, such as lazy proxy calls triggering magic methods multiple times, a use-after-free vulnerability in the extract() function, and segmentation faults occurring in array_walk() with objects that have added property hooks. Additionally, it fixed a segmentation fault caused by changing properties of a DateInterval using dynamic properties and addressed memory leaks in the php_scandir function.
- DBA: Fixed a memory leak in the dba_popen() function when provided with an invalid path.
- Filters and GD: Addressed an integer overflow issue in the ipv6 filter, as well as several overflow and underflow problems in GD functions like imagettftext() and imagecrop().
- Internationalization: Improved reference support for the intltz_get_offset() function.
- LDAP and libxml: Resolved issues with LDAP options not being overridden and fixed a TypeError message related to invalid resources returned by custom external entity loaders.
- Opcache and OpenSSL: Fixed several bugs related to the JIT compiler, including memory leaks in openssl_sign() and potential leaks while writing to BIO.
- PDO Drivers: Addressed various issues in PDO Firebird and PDO Sqlite, including memory leaks and exceptions with incorrect codes.
- SPL and Standard Libraries: Fixed memory mismanagement in SplObjectStorage and resolved crashes and resource leaks in standard functions.
- Tests and Zip: Updated tests to prevent failures related to deprecated session options and fixed memory leaks in the ZipArchive::addGlob() function.
This release underscores the PHP development team's commitment to maintaining a robust and efficient programming environment by proactively addressing bugs and enhancing existing features. As PHP continues to evolve, users are encouraged to test this release candidate and report any issues they encounter, contributing to the ongoing improvement of the platform.
Looking ahead, PHP 8.4.7 is expected to further refine its performance and security, solidifying its position as a leading choice for web development
PHP 8.4.7 RC2 released
The second release candidate for PHP 8.4.7 has been released for testing. The PHP 8.4.7 release has addressed multiple bugs, including problems with lazy proxy calls, a use-after-free issue in extract(), a segmentation fault in array_walk(), and modifications to properties of a DateInterval via dynamic properties. The update addressed memory leaks in php_scandir, resolved DBA issues, corrected filter bugs, rectified GD issues, and improved reference support for intltz_get_offset(). Additionally, it resolved LDAP issues, addressed libxml concerns, and rectified OpenSSL problems. The change log also addressed concerns related to PDO Firebird, PDO Sqlite, PgSql, SPL, and standard issues. The update focuses on the removal of deprecated session options in PHP 8.4 and resolves memory leaks associated with ZipArchive::addGlob().
