forked from php/php-src
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathNEWS
More file actions
1204 lines (1035 loc) · 50.2 KB
/
Copy pathNEWS
File metadata and controls
1204 lines (1035 loc) · 50.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 8.5.8
- GD:
. Fixed bug GH-22121 (Double free in gdImageSetStyle() after
overflow-triggered early return). (iliaal)
- URI:
. Add LEXBOR_STATIC to CFLAGS_URI on Windows so ext/uri does not see
LXB_API as __declspec(dllimport) when linked statically into PHP.
(Luther Monson)
- Phar:
. Fixed a bypass of the magic ".phar" directory protection in
Phar::addEmptyDir() for paths starting with "/.phar", while allowing
non-magic directory names that merely share the ".phar" prefix. (Weilin Du)
- SOAP:
. Fixed bug GH-22218 (SoapServer::handle() crash on $_SERVER not being
an array). (David Carlier / Rex-Reynolds)
- Zlib:
. Fixed memory leak if deflate initialization fails and there is a dict.
(ndossche)
02 Jun 2026, PHP 8.5.7
- CLI:
. Fixed bug GH-21901 (Stale getopt() optional value). (onthebed)
- Core:
. Fixed bug GH-22071 (JIT assertion on abstract static method call).
(David Carlier)
- Date:
. Fixed bug GH-18422 (int overflow in php_date_llabs). (iliaal)
- DOM:
. Fixed bug GH-22077 (UAF in custom XPath function).
(afflerbach/David Carlier)
- Opcache:
. Fixed tracing JIT crash when a VM interrupt is handled during an observed
user function call. (Levi Morrison)
. Fixed bug GH-21746 (Segfault with tracing JIT). (Arnaud)
. Fixed bug GH-22004 (Assertion failure at ext/opcache/jit/zend_jit_trace.c).
(Arnaud)
. Fixed tailcall VM crash when a VM interrupt is handled from a VM helper.
(Levi Morrison, Arnaud)
- OpenSSL:
. Fix compatibility issues with OpenSSL 4.0. (jordikroon, Remi)
- Standard:
. Fixed bug GH-21689 (version_compare() incorrectly handles versions ending
with a dot). (timwolla)
- URI:
. Fixed CVE-2026-44927 (In uriparser before 1.0.2, there is pointer
difference truncation to int in various places). (CVE-2026-44927)
(Sebastian Pipping)
. Fixed CVE-2026-44928 (In uriparser before 1.0.2, the function family
EqualsUri can misclassify two unequal URIs as equal). (CVE-2026-44928)
(Sebastian Pipping)
07 May 2026, PHP 8.5.6
- Core:
. Fixed bug GH-19983 (GC assertion failure with fibers, generators and
destructors). (iliaal)
. Fixed ZEND_API mismatch on zend_ce_closure forward decl for Windows+Clang.
(henderkes)
. Fixed bug GH-21504 (Incorrect RC-handling for ZEND_EXT_STMT op1). (ilutov)
. Fixed bug GH-21478 (Forward property operations to real instance for
initialized lazy proxies). (iliaal)
. Fixed bug GH-21605 (Missing addref for Countable::count()). (ilutov)
. Fixed bug GH-21699 (Assertion failure in shutdown_executor when resolving
self::/parent::/static:: callables if the error handler throws). (macoaure)
. Fixed bug GH-21603 (Missing addref for __unset). (ilutov)
. Fixed bug GH-21760 (Trait with class constant name conflict against
enum case causes SEGV). (Pratik Bhujel)
- CLI:
. Fixed bug GH-21754 (`--rf` command line option with a method triggers
ext/reflection deprecation warnings). (DanielEScherzer)
- Curl:
. Add support for brotli and zstd on Windows. (Shivam Mathur)
- DOM:
. Fixed GHSA-4jhr-8w89-j733 and GH-21566 (Dom\XMLDocument::C14N() emits
duplicate xmlns declarations after setAttributeNS()). (CVE-2026-7263)
(David Carlier)
- FPM:
. Fixed GHSA-7qg2-v9fj-4mwv (XSS within status endpoint). (CVE-2026-6735)
(Jakub Zelenka)
- Iconv:
. Fixed bug GH-17399 (iconv memory leak on bailout). (iliaal)
- Lexbor:
. Upgrade to lexbor v2.7.0. (CVE-2026-29078, CVE-2026-29079)
(ndossche, ilutov)
- MBString:
. Fixed GHSA-wm6j-2649-pv75 (Null pointer dereference in
php_mb_check_encoding() via mb_ereg_search_init()). (CVE-2026-7259)
(vi3tL0u1s)
. Fixed GHSA-74r9-qxhc-fx53 (Out-of-bounds access in mbfl_name2encoding_ex()).
(CVE-2026-6104) (ilutov)
- Opcache:
. Fixed bug GH-21158 (JIT: Assertion jit->ra[var].flags & (1<<0) failed in
zend_jit_use_reg). (Arnaud)
. Fixed bug GH-21593 (Borked function JIT JMPNZ smart branch). (ilutov)
. Fixed bug GH-21460 (COND optimization regression). (Dmitry, Arnaud)
. Fixed faulty returns out of zend_try block in zend_jit_trace(). (ilutov)
- OpenSSL:
. Fix memory leak regression in openssl_pbkdf2(). (ndossche)
. Fix a bunch of memory leaks and crashes on edge cases. (ndossche)
- PDO_Firebird:
. Fixed GHSA-w476-322c-wpvm (SQL injection via NUL bytes in quoted strings).
(CVE-2025-14179) (SakiTakamachi)
- PDO_PGSQL:
. Fixed bug GH-21683 (pdo_pgsql throws with ATTR_PREFETCH=0
on empty result set). (thomasschiet)
- Phar:
. Restore is_link handler in phar_intercept_functions_shutdown. (iliaal)
. Fixed bug GH-21797 (phar: NULL dereference in Phar::webPhar() when
SCRIPT_NAME is absent from SAPI environment). (iliaal)
. Fix memory leak in Phar::offsetGet(). (iliaal)
. Fix memory leak in phar_add_file(). (iliaal)
. Fixed bug GH-21799 (phar: propagate phar_stream_flush return value from
phar_stream_close). (iliaal)
. Fix memory leak in phar_verify_signature() when md_ctx is invalid.
(JarneClauw)
- Random:
. Fixed bug GH-21731 (Random\Engine\Xoshiro256StarStar::__unserialize()
accepts all-zero state). (iliaal)
- Session:
. Fixed memory leak when session GC callback return a refcounted value.
(jorgsowa)
- SOAP:
. Fixed GHSA-85c2-q967-79q5 (Stale SOAP_GLOBAL(ref_map) pointer with Apache
Map). (CVE-2026-6722) (ilutov)
. Fixed GHSA-m33r-qmcv-p97q (Use-after-free after header parsing failure with
SOAP_PERSISTENCE_SESSION). (CVE-2026-7261) (ilutov)
. Fixed GHSA-hmxp-6pc4-f3vv (Broken Apache map value NULL check).
(CVE-2026-7262) (ilutov)
- SPL:
. Fixed bug GH-21499 (RecursiveArrayIterator getChildren UAF after parent
free). (Girgias)
. Fix concurrent iteration and deletion issues in SplObjectStorage.
(ndossche)
- Sqlite3:
. Fixed wrong free list comparator pointer type. (David Carlier)
- Standard:
. Fixed GHSA-96wq-48vp-hh57 (Signed integer overflow of char array offset).
(CVE-2026-7568) (TimWolla)
. Fixed GHSA-m8rr-4c36-8gq4 (Consistently pass unsigned char to ctype.h
functions). (CVE-2026-7258) (ilutov)
- Streams:
. Fixed bug GH-21468 (Segfault in file_get_contents w/ a https URL
and a proxy set). (ndossche)
- URI:
. Fixed CVE-2026-42371 (uriparser before 1.0.1 has numeric truncation in
text range comparison). (CVE-2026-42371) (Joshua W. Windle)
26 Mar 2026, PHP 8.5.5
- Core:
. Fixed bug GH-20672 (Incorrect property_info sizing for locally shadowed
trait properties). (ilutov)
. Fixed bugs GH-20875, GH-20873, GH-20854 (Propagate IN_GET guard in
get_property_ptr_ptr for lazy proxies). (iliaal)
- Bz2:
. Fix truncation of total output size causing erroneous errors. (ndossche)
- DOM:
. Fixed bug GH-21486 (Dom\HTMLDocument parser mangles xml:space and
xml:lang attributes). (ndossche)
- FFI:
. Fixed resource leak in FFI::cdef() onsymbol resolution failure.
(David Carlier)
- GD:
. Fixed bug GH-21431 (phpinfo() to display libJPEG 10.0 support).
(David Carlier)
- Opcache:
. Fixed bug GH-21052 (Preloaded constant erroneously propagated to file-cached
script). (ilutov)
. Fixed bug GH-20838 (JIT compiler produces wrong arithmetic results).
(Dmitry, iliaal)
. Fixed bug GH-21267 (JIT tracing: infinite loop on FETCH_OBJ_R with
IS_UNDEF property in polymorphic context). (Dmitry, iliaal)
. Fixed bug GH-21395 (uaf in jit). (ndossche)
- OpenSSL:
. Fixed bug GH-21083 (Skip private_key_bits validation for EC/curve-based
keys). (iliaal)
. Fix missing error propagation for BIO_printf() calls. (ndossche)
- PCNTL:
. Fixed signal handler installation on AIX by bumping the storage size of the
num_signals global. (Calvin Buckley)
- PCRE:
. Fixed re-entrancy issue on php_pcre_match_impl, php_pcre_replace_impl,
php_pcre_split_impl, and php_pcre_grep_impl. (David Carlier)
- Phar:
. Fixed bug GH-21333 (use after free when unlinking entries during iteration
of a compressed phar). (David Carlier)
- SNMP:
. Fixed bug GH-21336 (SNMP::setSecurity() undefined behavior with
NULL arguments). (David Carlier)
- SOAP:
. Fixed Set-Cookie parsing bug wrong offset while scanning attributes.
(David Carlier)
- SPL:
. Fixed bug GH-21454 (missing write lock validation in SplHeap).
(ndossche)
- Standard:
. Fixed bug GH-20906 (Assertion failure when messing up output buffers).
(ndossche)
. Fixed bug GH-20627 (Cannot identify some avif images with getimagesize).
(y-guyon)
. Fixed bug GH-22171 (Invalid auth header generation in
http(s) stream wrapper). (David Carlier)
- Sysvshm:
. Fix memory leak in shm_get_var() when variable is corrupted. (ndossche)
- XSL:
. Fix GH-21357 (XSLTProcessor works with DOMDocument, but fails with
Dom\XMLDocument). (ndossche)
. Fixed bug GH-21496 (UAF in dom_objects_free_storage).
(David Carlier/ndossche)
12 Mar 2026, PHP 8.5.4
- Core:
. Fixed bug GH-21029 (zend_mm_heap corrupted on Aarch64, LTO builds). (Arnaud)
. Fixed bug GH-21059 (Segfault when preloading constant AST closure). (ilutov)
. Fixed bug GH-21072 (Crash on (unset) cast in constant expression).
(arshidkv12)
. Fix deprecation now showing when accessing null key of an array with JIT.
(alexandre-daubois)
. Fixed bug GH-20657 (Assertion failure in zend_lazy_object_get_info triggered
by setRawValueWithoutLazyInitialization() and newLazyGhost()). (Arnaud)
. Fixed bug GH-20504 (Assertion failure in zend_get_property_guard when
accessing properties on Reflection LazyProxy via isset()). (Arnaud)
. Fixed OSS-Fuzz #478009707 (Borked assign-op/inc/dec on untyped hooked
property backing value). (ilutov)
. Fixed bug GH-21215 (Build fails with -std=). (Arnaud)
. Fixed bug GH-13674 (Build system installs libtool wrappers when using
slibtool). (Michael Orlitzky)
- Curl:
. Don't truncate length. (ndossche)
- Date:
. Fixed bug GH-20936 (DatePeriod::__set_state() cannot handle null start).
(ndossche)
. Fix timezone offset with seconds losing precision. (ndossche)
- DOM:
. Fixed bug GH-21077 (Accessing Dom\Node::baseURI can throw TypeError).
(ndossche)
. Fixed bug GH-21097 (Accessing Dom\Node properties can can throw TypeError).
(ndossche)
- LDAP:
. Fixed bug GH-21262 (ldap_modify() too strict controls argument validation
makes it impossible to unset attribute). (David Carlier)
- MBString:
. Fixed bug GH-21223; mb_guess_encoding no longer crashes when passed huge
list of candidate encodings (with 200,000+ entries). (Jordi Kroon)
- Opcache:
. Fixed bug GH-20718 ("Insufficient shared memory" when using JIT on Solaris).
(Petr Sumbera)
. Fixed bug GH-21227 (Borked SCCP of array containing partial object).
(ilutov)
- OpenSSL:
. Fix a bunch of leaks and error propagation. (ndossche)
- Windows:
. Fixed compilation with clang (missing intrin.h include). (Kévin Dunglas)
29 Jan 2026, PHP 8.5.3
- Core:
. Fixed bug GH-20806 (preserve_none feature compatiblity with LTO).
(henderkes)
. Fixed bug GH-20767 (build failure with musttail/preserve_none feature
on macOs). (David Carlier)
. Fixed bug GH-20837 (NULL dereference when calling ob_start() in shutdown
function triggered by bailout in php_output_lock_error()). (timwolla)
. Fix OSS-Fuzz #471533782 (Infinite loop in GC destructor fiber). (ilutov)
. Fix OSS-Fuzz #472563272 (Borked block_pass JMP[N]Z optimization). (ilutov)
. Fixed bug GH-20914 (Internal enums can be cloned and compared). (Arnaud)
. Fix OSS-Fuzz #474613951 (Leaked parent property default value). (ilutov)
. Fixed bug GH-20895 (ReflectionProperty does not return the PHPDoc of a
property if it contains an attribute with a Closure). (timwolla)
. Fixed bug GH-20766 (Use-after-free in FE_FREE with GC interaction). (Bob)
. Fix OSS-Fuzz #471486164 (Broken by-ref assignment to uninitialized hooked
backing value). (ilutov)
. Fix OSS-Fuzz #438780145 (Nested finally with repeated return type check may
uaf). (ilutov)
. Fixed bug GH-20905 (Lazy proxy bailing __clone assertion). (ilutov)
. Fixed bug GH-20479 (Hooked object properties overflow). (ndossche)
- Date:
. Update timelib to 2022.16. (Derick)
- DOM:
. Fixed GH-21041 (Dom\HTMLDocument corrupts closing tags within scripts).
(lexborisov)
- MbString:
. Fixed bug GH-20833 (mb_str_pad() divide by zero if padding string is
invalid in the encoding). (ndossche)
. Fixed bug GH-20836 (Stack overflow in mb_convert_variables with
recursive array references). (alexandre-daubois)
- Opcache:
. Fixed bug GH-20818 (Segfault in Tracing JIT with object reference).
(khasinski)
- OpenSSL:
. Fix memory leaks when sk_X509_new_null() fails. (ndossche)
. Fix crash when in openssl_x509_parse() when i2s_ASN1_INTEGER() fails.
(ndossche)
. Fix crash in openssl_x509_parse() when X509_NAME_oneline() fails.
(ndossche)
- Phar:
. Fixed bug GH-20882 (buildFromIterator breaks with missing base directory).
(ndossche)
- PGSQL:
. Fixed INSERT/UPDATE queries building with PQescapeIdentifier() and possible
UB. (David Carlier)
- Readline:
. Fixed bug GH-18139 (Memory leak when overriding some settings
via readline_info()). (ndossche)
- SPL:
. Fixed bug GH-20856 (heap-use-after-free in SplDoublyLinkedList iterator
when modifying during iteration). (ndossche)
- Standard:
. Fixed bug #74357 (lchown fails to change ownership of symlink with ZTS)
(Jakub Zelenka)
. Fixed bug GH-20843 (var_dump() crash with nested objects)
(David Carlier)
15 Jan 2026, PHP 8.5.2
- Core:
. Fix OSS-Fuzz #465488618 (Wrong assumptions when dumping function signature
with dynamic class const lookup default argument). (ilutov)
. Fixed bug GH-20695 (Assertion failure in normalize_value() when parsing
malformed INI input via parse_ini_string()). (ndossche)
. Fixed bug GH-20714 (Uncatchable exception thrown in generator). (ilutov)
. Fixed bug GH-20352 (UAF in php_output_handler_free via re-entrant
ob_start() during error deactivation). (ndossche)
. Fixed bug GH-20745 ("Casting out of range floats to int" applies to
strings). (Bob)
- DOM:
. Fixed bug GH-20722 (Null pointer dereference in DOM namespace node cloning
via clone on malformed objects). (ndossche)
. Fixed bug GH-20444 (Dom\XMLDocument::C14N() seems broken compared
to DOMDocument::C14N()). (ndossche)
- EXIF:
. Fixed bug GH-20631 (Integer underflow in exif HEIF parsing
when pos.size < 2). (Oblivionsage)
- Intl:
. Fixed IntlListFormatter::getErrorCode() and getErrorMessage() not
reflecting format() failures. (Weilin Du)
. Fix leak in umsg_format_helper(). (ndossche)
- LDAP:
. Fix memory leak in ldap_set_options(). (ndossche)
- Lexbor:
. Fixed bug GH-20668 (\Uri\WhatWg\Url::withHost() crashes (SEGV) for URLs
using the file: scheme). (lexborisov)
- Mbstring:
. Fixed bug GH-20674 (mb_decode_mimeheader does not handle separator).
(Yuya Hamada)
- OpenSSL:
. Fixed bug GH-20802 (undefined behavior with invalid SNI_server_certs
options). (David Carlier)
- PCNTL:
. Fixed bug with pcntl_getcpuaffinity() on solaris regarding invalid
process ids handling. (David Carlier)
- Phar:
. Fixed bug GH-20732 (Phar::LoadPhar undefined behavior when reading fails).
(ndossche)
. Fix SplFileInfo::openFile() in write mode. (ndossche)
. Fix build on legacy OpenSSL 1.1.0 systems. (Giovanni Giacobbi)
. Fixed bug #74154 (Phar extractTo creates empty files). (ndossche)
- Session:
. Fix support for MM module. (Michael Orlitzky)
- Sqlite3:
. Fixed bug GH-20699 (SQLite3Result fetchArray return array|false,
null returned). (ndossche, plusminmax)
- Standard:
. Fix error check for proc_open() command. (ndossche)
. Fix memory leak in mail() when header key is numeric. (Girgias)
. Fixed bug GH-20582 (Heap Buffer Overflow in iptcembed). (ndossche)
- URI:
. Fixed bug GH-20771 (Assertion failure when getUnicodeHost() returns
empty string). (ndossche)
- Zlib:
. Fix OOB gzseek() causing assertion failure. (ndossche)
18 Dec 2025, PHP 8.5.1
- Core:
. Sync all boost.context files with release 1.86.0. (mvorisek)
. Fixed bug GH-20435 (SensitiveParameter doesn't work for named argument
passing to variadic parameter). (ndossche)
. Fixed bug GH-20546 (preserve_none attribute configure check on macOs
issue). (David Carlier/cho-m)
. Fixed bug GH-20286 (use-after-destroy during userland stream_close()).
(ndossche, David Carlier)
- Bz2:
. Fix assertion failures resulting in crashes with stream filter
object parameters. (ndossche)
- DOM:
. Fix memory leak when edge case is hit when registering xpath callback.
(ndossche)
. Fixed bug GH-20395 (querySelector and querySelectorAll requires elements
in $selectors to be lowercase). (ndossche)
. Fix missing NUL byte check on C14NFile(). (ndossche)
- Fibers:
. Fixed bug GH-20483 (ASAN stack overflow with fiber.stack_size INI
small value). (David Carlier)
- Intl:
. Fixed bug GH-20426 (Spoofchecker::setRestrictionLevel() error message
suggests missing constants). (DanielEScherzer)
- Lexbor:
. Fixed bug GH-20501 (\Uri\WhatWg\Url lose host after calling
withPath() or withQuery()). (lexborisov)
. Fixed bug GH-20502 (\Uri\WhatWg\Url crashes (SEGV) when parsing
malformed URL due to Lexbor memory corruption). (lexborisov)
- LibXML:
. Fix some deprecations on newer libxml versions regarding input
buffer/parser handling. (ndossche)
- mysqli:
. Make mysqli_begin_transaction() report errors properly. (Kamil Tekiela)
- MySQLnd:
. Fixed bug GH-20528 (Regression breaks mysql connexion using an IPv6 address
enclosed in square brackets). (Remi)
- Opcache:
. Fixed bug GH-20329 (opcache.file_cache broken with full interned string
buffer). (Arnaud)
- PDO:
. Fixed bug GH-20553 (PDO::FETCH_CLASSTYPE ignores $constructorArgs in
PHP 8.5.0). (Girgias)
. Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref). (CVE-2025-14180)
(Jakub Zelenka)
- Phar:
. Fixed bug GH-20442 (Phar does not respect case-insensitiveness of
__halt_compiler() when reading stub). (ndossche, TimWolla)
. Fix broken return value of fflush() for phar file entries. (ndossche)
. Fix assertion failure when fseeking a phar file out of bounds. (ndossche)
- PHPDBG:
. Fixed ZPP type violation in phpdbg_get_executable() and phpdbg_end_oplog().
(Girgias)
- SPL:
. Fixed bug GH-20614 (SplFixedArray incorrectly handles references
in deserialization). (ndossche)
- Standard:
. Fix memory leak in array_diff() with custom type checks. (ndossche)
. Fixed bug GH-20583 (Stack overflow in http_build_query
via deep structures). (ndossche)
. Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()).
(ndossche)
. Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()).
(CVE-2025-14178) (ndossche)
. Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize).
(CVE-2025-14177) (ndossche)
- Streams:
. Fixed bug GH-20370 (User stream filters could violate typed property
constraints). (alexandre-daubois)
- URI:
. Fixed bug GH-20366 (ext/uri incorrectly throws ValueError when encountering
null byte). (kocsismate)
. Fixed CVE-2025-67899 (uriparser through 0.9.9 allows unbounded recursion
and stack consumption). (Sebastian Pipping)
- XML:
. Fixed bug GH-20439 (xml_set_default_handler() does not properly handle
special characters in attributes when passing data to callback). (ndossche)
- Zip:
. Fix crash in property existence test. (ndossche)
. Don't truncate return value of zip_fread() with user sizes. (ndossche)
- Zlib:
. Fix assertion failures resulting in crashes with stream filter
object parameters. (ndossche)
20 Nov 2025, PHP 8.5.0
- Core:
. Added the #[\NoDiscard] attribute to indicate that a function's return
value is important and should be consumed. (timwolla, edorian)
. Added the (void) cast to indicate that not using a value is intentional.
(timwolla, edorian)
. Added get_error_handler(), get_exception_handler() functions. (Arnaud)
. Added support for casts in constant expressions. (nielsdos)
. Added the pipe (|>) operator. (crell)
. Added support for `final` with constructor property promotion.
(DanielEScherzer)
. Added support for configuring the URI parser for the FTP/FTPS as well as
the SSL/TLS stream wrappers as described in
https://wiki.php.net/rfc/url_parsing_api#plugability. (kocsismate)
. Added PHP_BUILD_PROVIDER constant. (timwolla)
. Added PHP_BUILD_DATE constant. (cmb)
. Added support for Closures and first class callables in constant
expressions. (timwolla, edorian)
. Add support for backtraces for fatal errors. (enorris)
. Add clone-with support to the clone() function. (timwolla, edorian)
. Add RFC 3986 and WHATWG URL compliant APIs for URL parsing
and manipulation (kocsismate, timwolla)
. Fixed AST printing for immediately invoked Closure. (Dmitrii Derepko)
. Properly handle __debugInfo() returning an array reference. (nielsdos)
. Properly handle reference return value from __toString(). (nielsdos)
. Improved error message of UnhandledMatchError for
zend.exception_string_param_max_len=0. (timwolla)
. Fixed bug GH-15753 and GH-16198 (Bind traits before parent class). (ilutov)
. Fixed bug GH-17951 (memory_limit is not always limited by max_memory_limit).
(manuelm)
. Fixed bug GH-20183 (Stale EG(opline_before_exception) pointer through eval).
(ilutov)
. Fixed bug GH-20113 (Missing new Foo(...) error in constant expressions).
(ilutov)
. Fixed bug GH-19844 (Don't bail when closing resources on shutdown). (ilutov)
. Fixed bug GH-20177 (Accessing overridden private property in
get_object_vars() triggers assertion error). (ilutov)
. Fix OSS-Fuzz #447521098 (Fatal error during sccp shift eval). (ilutov)
. Fixed bug GH-20002 (Broken build on *BSD with MSAN). (outtersg)
. Fixed bug GH-19352 (Cross-compilation with musl C library).
(henderkes, Peter Kokot)
. Fixed bug GH-19765 (object_properties_load() bypasses readonly property
checks). (timwolla)
. Fixed hard_timeout with --enable-zend-max-execution-timers. (Appla)
. Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland
array). (ilutov)
. Fixed bug GH-19823 (register_argc_argv deprecation emitted twice when
using OPcache). (timwolla)
. Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is
configured). (nielsdos)
. Fixed bug GH-19719 (Allow empty statements before declare(strict_types)).
(nielsdos)
. Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv). (ilutov)
. Fixed bug GH-19613 (Stale array iterator pointer). (ilutov)
. Fixed bug GH-19679 (zend_ssa_range_widening may fail to converge). (Arnaud)
. Fixed bug GH-19681 (PHP_EXPAND_PATH broken with bash 5.3.0). (Remi)
. Fixed bug GH-18850 (Repeated inclusion of file with __halt_compiler()
triggers "Constant already defined" warning). (ilutov)
. Fixed bug GH-19476 (pipe operator fails to correctly handle returning
by reference). (alexandre-daubois)
. Fixed bug GH-19081 (Wrong lineno in property error with constructor property
promotion). (ilutov)
. Fixed bug GH-17959 (Relax missing trait fatal error to error exception).
(ilutov)
. Fixed bug GH-18033 (NULL-ptr dereference when using register_tick_function
in destructor). (nielsdos)
. Fixed bug GH-18026 (Improve "expecting token" error for ampersand). (ilutov)
. The report_memleaks INI directive has been deprecated. (alexandre-daubois)
. Fixed OSS-Fuzz #439125710 (Pipe cannot be used in write context).
(nielsdos)
. Fixed bug GH-19548 (Shared memory violation on property inheritance).
(alexandre-daubois)
. Fixed bug GH-19544 (GC treats ZEND_WEAKREF_TAG_MAP references as WeakMap
references). (Arnaud, timwolla)
. Fixed bug GH-18373 (Don't substitute self/parent with anonymous class).
(ilutov)
. Fix support for non-userland stream notifiers. (timwolla)
. Fixed bug GH-19305 (Operands may be being released during comparison).
(Arnaud)
. Fixed bug GH-19306 (Generator can be resumed while fetching next value from
delegated Generator). (Arnaud)
. Fixed bug GH-19326 (Calling Generator::throw() on a running generator with
a non-Generator delegate crashes). (Arnaud)
. Fix OSS-Fuzz #427814452 (pipe compilation fails with assert).
(nielsdos, ilutov)
. Fixed bug GH-16665 (\array and \callable should not be usable in
class_alias). (nielsdos)
. Use `clock_gettime_nsec_np()` for high resolution timer on macOS
if available. (timwolla)
. Make `clone()` a function. (timwolla, edorian)
. Introduced the TAILCALL VM, enabled by default when compiling with Clang>=19
on x86_64 or aarch64. (Arnaud)
. Enacted the follow-up phase of the "Path to Saner Increment/Decrement
operators" RFC, meaning that incrementing non-numeric strings is now
deprecated. (Girgias).
. Various closure binding issues are now deprecated. (alexandre-daubois)
. Constant redeclaration has been deprecated. (alexandre-daubois)
. Marks the stack as non-executable on Haiku. (David Carlier)
. Deriving $_SERVER['argc'] and $_SERVER['argv'] from the query string is
now deprecated. (timwolla, nicolasgrekas)
. Using null as an array offset or when calling array_key_exists() is now
deprecated. (alexandre-daubois)
. The disable_classes INI directive has been removed. (Girgias)
. The locally predefined variable $http_response_header is deprecated.
(Girgias)
. Non-canonical cast names (boolean), (integer), (double), and (binary) have
been deprecated. (Girgias)
. The $exclude_disabled parameter of the get_defined_functions() function has
been deprecated, as it no longer has any effect since PHP 8.0. (Girgias)
. Terminating case statements with a semicolon instead of a colon has
been deprecated. (theodorejb)
. The backtick operator as an alias for shell_exec() has been deprecated.
(timwolla)
. Returning null from __debugInfo() has been deprecated. (DanielEScherzer)
. Support #[\Override] on properties. (Jiří Pudil)
. Destructing non-array values (other than NULL) using [] or list() now
emits a warning. (Girgias)
. Casting floats that are not representable as ints now emits a warning.
(Girgias)
. Casting NAN to other types now emits a warning. (Girgias)
. Implement GH-15680 (Enhance zend_dump_op_array to properly represent
non-printable characters in string literals). (nielsdos, WangYihang)
. Fixed bug GH-17442 (Engine UAF with reference assign and dtor). (nielsdos)
. Do not use RTLD_DEEPBIND if dlmopen is available. (Daniil Gentili)
. Added #[\DelayedTargetValidation] attribute. (DanielEScherzer)
. Support #[\Deprecated] on traits. (DanielEScherzer)
- BCMath:
. Simplify `bc_divide()` code. (SakiTakamachi)
. If the result is 0, n_scale is set to 0. (SakiTakamachi)
. If size of BC_VECTOR array is within 64 bytes, stack area is now used.
(SakiTakamachi)
. Fixed bug GH-20006 (Power of 0 of BcMath number causes UB). (nielsdos)
- Bz2:
. Fixed bug GH-19810 (Broken bzopen() stream mode validation). (ilutov)
- CLI:
. Add --ini=diff to print INI settings changed from the builtin default.
(timwolla)
. Drop support for -z CLI/CGI flag. (nielsdos)
. Fixed GH-17956 - development server 404 page does not adapt to mobiles.
(pascalchevrel)
. Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server
with PHP_CLI_SERVER_WORKERS. (leotaku)
. Fixed bug GH-19461 (Improve error message on listening error with IPv6
address). (alexandre-daubois)
- COM:
. Fixed property access of PHP objects wrapped in variant. (cmb)
. Fixed method calls for PHP objects wrapped in variant. (cmb)
- Curl:
. Added CURLFOLLOW_ALL, CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY
values for CURLOPT_FOLLOWLOCATION curl_easy_setopt option. (David Carlier)
. Added curl_multi_get_handles(). (timwolla)
. Added curl_share_init_persistent(). (enorris)
. Added CURLINFO_USED_PROXY, CURLINFO_HTTPAUTH_USED, and CURLINFO_PROXYAUTH_USED
support to curl_getinfo. (Ayesh Karunaratne)
. Add support for CURLINFO_CONN_ID in curl_getinfo() (thecaliskan)
. Add support for CURLINFO_QUEUE_TIME_T in curl_getinfo() (thecaliskan)
. Add support for CURLOPT_SSL_SIGNATURE_ALGORITHMS. (Ayesh Karunaratne)
. The curl_close() function has been deprecated. (DanielEScherzer)
. The curl_share_close() function has been deprecated. (DanielEScherzer)
. Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead
of the curl_copy_handle() function to clone a CurlHandle. (timwolla)
- Date:
. Fix undefined behaviour problems regarding integer overflow in extreme edge
cases. (nielsdos, cmb, ilutov)
. The DATE_RFC7231 and DateTimeInterface::RFC7231 constants have been
deprecated. (jorgsowa)
. Fixed date_sunrise() and date_sunset() with partial-hour UTC offset.
(ilutov)
. Fixed GH-17159: "P" format for ::createFromFormat swallows string literals.
(nielsdos)
. The __wakeup() magic method of DateTimeInterface, DateTime,
DateTimeImmutable, DateTimeZone, DateInterval, and DatePeriod has been
deprecated in favour of the __unserialize() magic method. (Girgias)
- DOM:
. Added Dom\Element::$outerHTML. (nielsdos)
. Added Dom\Element::insertAdjacentHTML(). (nielsdos)
. Added $children property to ParentNode implementations. (nielsdos)
. Make cloning DOM node lists, maps, and collections fail. (nielsdos)
. Added Dom\Element::getElementsByClassName(). (nielsdos)
. Fixed bug GH-18877 (\Dom\HTMLDocument querySelectorAll selecting only the
first when using ~ and :has). (nielsdos, lexborisov)
. Fix getNamedItemNS() incorrect namespace check. (nielsdos)
- Enchant:
. Added enchant_dict_remove_from_session(). (nielsdos)
. Added enchant_dict_remove(). (nielsdos)
. Fix missing empty string checks. (nielsdos)
- EXIF:
. Add OffsetTime* Exif tags. (acc987)
. Added support to retrieve Exif from HEIF file. (Benstone Zhang)
. Fix OSS-Fuzz #442954659 (zero-size box in HEIF file causes infinite loop).
(nielsdos)
. Fix OSS-Fuzz #442954659 (Crash in exif_scan_HEIF_header). (nielsdos)
. Various hardening fixes to HEIF parsing. (nielsdos)
- FileInfo:
. The finfo_close() function has been deprecated. (timwolla)
. The $context parameter of the finfo_buffer() function has been deprecated
as it is ignored. (Girgias)
. Upgrade to file 5.46. (nielsdos)
. Change return type of finfo_close() to true. (timwolla)
- Filter:
. Added support for configuring the URI parser for FILTER_VALIDATE_URL
as described in https://wiki.php.net/rfc/url_parsing_api#plugability.
(kocsismate)
. Fixed bug GH-16993 (filter_var_array with FILTER_VALIDATE_INT|FILTER_NULL_ON_FAILURE
should emit warning for invalid filter usage). (alexandre-daubois)
. Added FILTER_THROW_ON_FAILURE flag. (DanielEScherzer)
- FPM:
. Fixed bug GH-19817 (Decode SCRIPT_FILENAME issue in php 8.5).
(Jakub Zelenka)
. Fixed bug GH-19989 (PHP 8.5 FPM access log lines also go to STDERR).
(Jakub Zelenka)
. Fixed GH-17645 (FPM with httpd ProxyPass does not decode script path).
(Jakub Zelenka)
. Make FPM access log limit configurable using log_limit. (Jakub Zelenka)
. Fixed failed debug assertion when php_admin_value setting fails. (ilutov)
. Fixed GH-8157 (post_max_size evaluates .user.ini too late in php-fpm).
(Jakub Zelenka)
- GD:
. Fixed bug #68629 (Transparent artifacts when using imagerotate). (pierre,
cmb)
. Fixed bug #64823 (ZTS GD fails to find system TrueType font). (cmb)
. Fix incorrect comparison with result of php_stream_can_cast(). (Girgias)
. The imagedestroy() function has been deprecated. (DanielEScherzer)
- Iconv:
. Extends the ICONV_CONST preprocessor for illumos/solaris. (jMichaelA)
- Intl:
. Bumped ICU requirement to ICU >= 57.1. (cmb)
. IntlDateFormatter::setTimeZone()/datefmt_set_timezone() throws an exception
with uninitialised classes or clone failure. (David Carlier)
. Added DECIMAL_COMPACT_SHORT/DECIMAL_COMPACT_LONG for NumberFormatter class.
(BogdanUngureanu)
. Added Locale::isRightToLeft to check if a locale is written right to left.
(David Carlier)
. Added null bytes presence in locale inputs for Locale class. (David Carlier)
. Added grapheme_levenshtein() function. (Yuya Hamada)
. Added Locale::addLikelySubtags/Locale::minimizeSubtags to handle
adding/removing likely subtags to a locale. (David Carlier)
. Added IntlListFormatter class to format a list of items with a locale,
operands types and units. (BogdanUngureanu)
. Added grapheme_strpos(), grapheme_stripos(), grapheme_strrpos(),
grapheme_strripos(), grapheme_substr(), grapheme_strstr(), grapheme_stristr() and
grapheme_levenshtein() functions add $locale parameter (Yuya Hamada).
. Fixed bug GH-11952 (Fix locale strings canonicalization for IntlDateFormatter
and NumberFormatter). (alexandre-daubois)
. Fixed bug GH-18566 ([intl] Weird numeric sort in Collator). (nielsdos)
. Fix return value on failure for resourcebundle count handler. (Girgias)
. Fixed bug GH-19307 (PGO builds of shared ext-intl are broken). (cmb)
. Intl's internal error mechanism has been modernized so that it
indicates more accurately which call site caused what error.
Moreover, some ext/date exceptions have been wrapped inside a
IntlException now. (Girgias)
. The intl.error_level INI setting has been deprecated. (Girgias)
- LDAP:
. Allow ldap_get_option to retrieve global option by allowing NULL for
connection instance ($ldap). (Remi)
- MBstring:
. Updated Unicode data tables to Unicode 17.0. (Yuya Hamada)
- MySQLi:
. Fixed bugs GH-17900 and GH-8084 (calling mysqli::__construct twice).
(nielsdos)
. The mysqli_execute() alias function has been deprecated. (timwolla)
- MySQLnd:
. Added mysqlnd.collect_memory_statistics to ini quick reference.
(hauk92)
- ODBC:
. Removed driver-specific build flags and support. (Calvin Buckley)
. Remove ODBCVER and assume ODBC 3.5. (Calvin Buckley)
- Opcache:
. Make OPcache non-optional (Arnaud, timwolla)
. Added opcache.file_cache_read_only. (Samuel Melrose)
. Updated default value of opcache.jit_hot_loop. (Arnaud)
. Log a warning when opcache lock file permissions could not be changed.
(Taavi Eomäe)
. Fixed bug GH-20012 (heap buffer overflow in jit). (Arnaud)
. Partially fixed bug GH-17733 (Avoid calling wrong function when reusing file
caches across differing environments). (ilutov)
. Disallow changing opcache.memory_consumption when SHM is already set up.
(timwolla)
. Fixed bug GH-15074 (Compiling opcache statically into ZTS PHP fails).
(Arnaud)
. Fixed bug GH-17422 (OPcache bypasses the user-defined error handler for
deprecations). (Arnaud, timwolla)
. Fixed bug GH-19301 (opcache build failure). (Remi)
. Fixed bug GH-20081 (access to uninitialized vars in preload_load()).
(Arnaud)
. Fixed bug GH-20121 (JIT broken in ZTS builds on MacOS 15).
(Arnaud, Shivam Mathur)
. Fixed bug GH-19875 (JIT 1205 segfault on large file compiled in subprocess).
(Arnaud)
. Fixed segfault in function JIT due to NAN to bool warning. (Girgias)
. Fixed bug GH-19984 (Double-free of EG(errors)/persistent_script->warnings on
persist of already persisted file). (ilutov, Arnaud)
. Fixed bug GH-19889 (race condition in zend_runtime_jit(),
zend_jit_hot_func()). (Arnaud)
. Fixed bug GH-19669 (assertion failure in zend_jit_trace_type_to_info_ex).
(Arnaud)
. Fixed bug GH-19831 (function JIT may not deref property value). (Arnaud)
. Fixed bug GH-19486 (Incorrect opline after deoptimization). (Arnaud)
. Fixed bug GH-19601 (Wrong JIT stack setup on aarch64/clang). (Arnaud)
. Fixed bug GH-19388 (Broken opcache.huge_code_pages). (Arnaud)
. Fixed bug GH-19657 (Build fails on non-glibc/musl/freebsd/macos/win
platforms). (Arnaud)
. Fixed ZTS OPcache build on Cygwin. (cmb)
. Fixed bug GH-19493 (JIT variable not stored before YIELD). (Arnaud)
- OpenSSL:
. Added openssl.libctx INI that allows to select the OpenSSL library context
type and convert various parts of the extension to use the custom libctx.
(Jakub Zelenka)
. Add $digest_algo parameter to openssl_public_encrypt() and
openssl_private_decrypt() functions. (Jakub Zelenka)
. Implement #81724 (openssl_cms_encrypt only allows specific ciphers).
(Jakub Zelenka)
. Implement #80495 (Enable to set padding in openssl_(sign|verify).
(Jakub Zelenka)
. Implement #47728 (openssl_pkcs7_sign ignores new openssl flags).
(Jakub Zelenka)
. Fixed bug GH-19994 (openssl_get_cipher_methods inconsistent with fetching).
(Jakub Zelenka)
. Fixed build when --with-openssl-legacy-provider set. (Jakub Zelenka)
. Fixed bug GH-19369 (8.5 | Regression in openssl_sign() - support for alias
algorithms appears to be broken). (Jakub Zelenka)
. The $key_length parameter for openssl_pkey_derive() has been deprecated.
(Girgias)
- Output:
. Fixed calculation of aligned buffer size. (cmb)
- PCNTL:
. Extend pcntl_waitid with rusage parameter. (vrza)
- PCRE:
. Remove PCRE2_EXTRA_ALLOW_LOOKAROUND_BSK from pcre compile options.
(mvorisek)
- PDO:
. Fixed bug GH-20095 (Incorrect class name in deprecation message for PDO
mixins). (timwolla)
. Driver specific methods and constants in the PDO class
are now deprecated. (Arnaud)
. The "uri:" DSN scheme has been deprecated due to security concerns with
DSNs coming from remote URIs. (timwolla)
- PDO_ODBC:
. Fetch larger block sizes and better handle SQL_NO_TOTAL when calling
SQLGetData. (Calvin Buckley, Saki Takamachi)
- PDO_PGSQL:
. Added Iterable support for PDO::pgsqlCopyFromArray. (KentarouTakeda)
. Implement GH-15387 Pdo\Pgsql::setAttribute(PDO::ATTR_PREFETCH, 0) or
Pdo\Pgsql::prepare(…, [ PDO::ATTR_PREFETCH => 0 ]) make fetch() lazy
instead of storing the whole result set in memory (Guillaume Outters)
- PDO_SQLITE:
. Add PDO\Sqlite::ATTR_TRANSACTION_MODE connection attribute.
(Samuel Štancl)
. Implement GH-17321: Add setAuthorizer to Pdo\Sqlite. (nielsdos)
. PDO::sqliteCreateCollation now throws a TypeError if the callback
has a wrong return type. (David Carlier)
. Added Pdo_Sqlite::ATTR_BUSY_STATEMENT constant to check
if a statement is currently executing. (David Carlier)
. Added Pdo_Sqlite::ATTR_EXPLAIN_STATEMENT constant to set a statement
in either EXPLAIN_MODE_PREPARED, EXPLAIN_MODE_EXPLAIN,
EXPLAIN_MODE_EXPLAIN_QUERY_PLAN modes. (David Carlier)
. Fix bug GH-13952 (sqlite PDO::quote silently corrupts strings
with null bytes) by throwing on null bytes. (divinity76)
- PGSQL:
. Added pg_close_stmt to close a prepared statement while allowing
its name to be reused. (David Carlier)
. Added Iterable support for pgsql_copy_from. (David Carlier)
. pg_connect checks if connection_string contains any null byte,
pg_close_stmt check if the statement contains any null byte.
(David Carlier)
. Added pg_service to get the connection current service identifier.
(David Carlier)
. Fix segfaults when attempting to fetch row into a non-instantiable class
name. (Girgias, nielsdos)
- Phar:
. Fix potential buffer length truncation due to usage of type int instead
of type size_t. (Girgias)
. Fixed memory leaks when verifying OpenSSL signature. (Girgias)
- POSIX:
. Added POSIX_SC_OPEN_MAX constant to get the number of file descriptors
a process can handle. (David Carlier)
. posix_ttyname() sets last_error to EBADF on invalid file descriptors,
posix_isatty() raises E_WARNING on invalid file descriptors,
posix_fpathconf checks invalid file descriptors. (David Carlier)
. posix_kill and posix_setpgid throws a ValueError on invalid process_id.
(David Carlier)
. posix_setpgid throws a ValueError on invalid process_group_id,
posix_setrlimit throws a ValueError on invalid soft_limit and hard_limit
arguments. (David Carlier)
- Random:
. Moves from /dev/urandom usage to arc4random_buf on Haiku. (David Carlier)
- Reflection:
. Added ReflectionConstant::getExtension() and ::getExtensionName().
(DanielEScherzer)
. Added ReflectionProperty::getMangledName() method. (alexandre-daubois)
. ReflectionConstant is no longer final. (sasezaki)
. The setAccessible() methods of various Reflection objects have been
deprecated, as those no longer have an effect. (timwolla)
. ReflectionClass::getConstant() for constants that do not exist has been
deprecated. (DanielEScherzer)
. ReflectionProperty::getDefaultValue() for properties without default values
has been deprecated. (DanielEScherzer)
. Fixed bug GH-12856 (ReflectionClass::getStaticPropertyValue() returns UNDEF
zval for uninitialized typed properties). (nielsdos)
. Fixed bug GH-15766 (ReflectionClass::__toString() should have better output
for enums). (DanielEScherzer)
. Fix GH-19691 (getModifierNames() not reporting asymmetric visibility).
(DanielEScherzer)
. Fixed bug GH-17927 (Reflection: have some indication of property hooks in
`_property_string()`). (DanielEScherzer)