Author: Calvin Buckley (NattyNarwhal)
Date: 2026-07-02T14:27:23-03:00

Commit: 
https://github.com/php/web-php/commit/e7f6ed5f6c972e34bbd7f593bfef3f891bcfa405
Raw diff: 
https://github.com/php/web-php/commit/e7f6ed5f6c972e34bbd7f593bfef3f891bcfa405.diff

Announce PHP 8.4.23

Changed paths:
  A  archive/entries/2026-07-02-4.xml
  A  releases/8_4_23.php
  M  ChangeLog-8.php
  M  archive/archive.xml
  M  include/release-qa.php
  M  include/releases.inc
  M  include/version.inc


Diff:

diff --git a/ChangeLog-8.php b/ChangeLog-8.php
index b8cd4e8daf..54e0783f73 100644
--- a/ChangeLog-8.php
+++ b/ChangeLog-8.php
@@ -1030,6 +1030,80 @@
 
 <a id="PHP_8_4"></a>
 
+<section class="version" id="8.4.23"><!-- {{{ 8.4.23 -->
+<h3>Version 8.4.23</h3>
+<b><?php release_date('03-Jul-2026'); ?></b>
+<ul><li>Core:
+<ul>
+  <li>Fixed bug <?php githubissuel('php/php-src', 22280); ?> (Incorrect 
compile error for goto to label preceding try/finally block).</li>
+</ul></li>
+<li>BCMath:
+<ul>
+  <li>Fixed issues with oversized allocations and signed overflow in bcround() 
and BcMath\Number::round().</li>
+</ul></li>
+<li>Date:
+<ul>
+  <li>Fix incorrect recurrence check of 
DatePeriod::createFromISO8601String().</li>
+</ul></li>
+<li>DOM:
+<ul>
+  <li>Fix <?php githubissuel('php/php-src', 22219); ?> 
(Dom\XMLDocument::schemaValidate fails to resolve xs:QName with prefix from 
imported schema).</li>
+</ul></li>
+<li>Exif:
+<ul>
+  <li>Read correct value for single and double tags.</li>
+</ul></li>
+<li>GD:
+<ul>
+  <li>Fixed bug <?php githubissuel('php/php-src', 22121); ?> (Double free in 
gdImageSetStyle() after overflow-triggered early return).</li>
+  <li>Fixed bug <?php githubissuel('php/php-src', 19666); ?> 
(imageconvolution() unexpected nan filter value).</li>
+  <li>Fixed bug <?php githubissuel('php/php-src', 19739); ?> 
(imageellipse/imagefilledellipse overflow).</li>
+  <li>Fixed bug <?php githubissuel('php/php-src', 19730); ?> (imageaffine 
overflow).</li>
+</ul></li>
+<li>Intl:
+<ul>
+  <li>Fix incorrect argument positions for uninitialized calendar arguments in 
IntlCalendar::equals(), ::before(), ::after(), and ::isEquivalentTo(), and for 
invalid start/end arguments in transliterator_transliterate().</li>
+  <li>Fixed IntlTimeZone::getDisplayName() to synchronize object error state 
for invalid display types.</li>
+  <li>Fixed Spoofchecker restriction-level APIs to only be exposed with ICU 53 
and later.</li>
+</ul></li>
+<li>mysqli:
+<ul>
+  <li>Fix stmt-&gt;query leak in mysqli_execute_query() validation errors.</li>
+</ul></li>
+<li>Opcache:
+<ul>
+  <li>Fixed bug <?php githubissuel('php/php-src', 20469); ?> (Unsafe 
inheritance cache replay with reentrant autoloading).</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+  <li>Fixed bug <?php githubissuel('php/php-src', 22187); ?> (Memory 
corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD).</li>
+</ul></li>
+<li>Phar:
+<ul>
+  <li>Fixed a bypass of the magic ".phar" directory protection in 
Phar::addEmptyDir() for paths starting with "/.phar", while allowing non-magic 
directory names that merely share the ".phar" prefix.</li>
+</ul></li>
+<li>Reflection:
+<ul>
+  <li>Preserve class-name case in ReflectionClass::getProperty() error 
messages and autoloading.</li>
+</ul></li>
+<li>Sqlite:
+<ul>
+  <li>Fix error checks for column retrieval.</li>
+</ul></li>
+<li>Zlib:
+<ul>
+  <li>Fixed memory leak if deflate initialization fails and there is a 
dict.</li>
+  <li>Fixed memory leak in inflate_add().</li>
+</ul></li>
+<li>Zip:
+<ul>
+  <li>Fixed error-related memory leaks.</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
+
+
 <section class="version" id="8.4.22"><!-- {{{ 8.4.22 -->
 <h3>Version 8.4.22</h3>
 <b><?php release_date('04-Jun-2026'); ?></b>
diff --git a/archive/archive.xml b/archive/archive.xml
index 577a2a2f2b..10c1df8e5f 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
     <uri>http://php.net/contact</uri>
     <email>[email protected]</email>
   </author>
+  <xi:include href="entries/2026-07-02-4.xml"/>
   <xi:include href="entries/2026-07-02-3.xml"/>
   <xi:include href="entries/2026-07-02-2.xml"/>
   <xi:include href="entries/2026-07-02-1.xml"/>
diff --git a/archive/entries/2026-07-02-4.xml b/archive/entries/2026-07-02-4.xml
new file mode 100644
index 0000000000..8a20b09272
--- /dev/null
+++ b/archive/entries/2026-07-02-4.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+  <title>PHP 8.4.23 Released!</title>
+  <id>https://www.php.net/archive/2026.php#2026-07-02-4</id>
+  <published>2026-07-02T17:24:56+00:00</published>
+  <updated>2026-07-02T17:24:56+00:00</updated>
+  <link href="https://www.php.net/index.php#2026-07-02-4"; rel="alternate" 
type="text/html"/>
+  <link href="https://www.php.net/archive/2026.php#2026-07-02-4"; rel="via" 
type="text/html"/>
+  <category term="releases" label="New PHP release"/>
+  <category term="frontpage" label="PHP.net frontpage news"/>
+  <content type="xhtml">
+    <div xmlns="http://www.w3.org/1999/xhtml";><p>The PHP development team 
announces the immediate availability of PHP 8.4.23. This is a security 
release.</p>
+
+<p>All PHP 8.4 users are encouraged to upgrade to this version.</p>
+
+<p>For source downloads of PHP 8.4.23 please visit our <a 
href="https://www.php.net/downloads.php";>downloads page</a>,
+Windows source and binaries can also be found <a 
href="https://www.php.net/downloads.php?os=windows&amp;version=8.4";>there</a>.
+The list of changes is recorded in the <a 
href="https://www.php.net/ChangeLog-8.php#8.4.23";>ChangeLog</a>.
+</p>    </div>
+  </content>
+</entry>
diff --git a/include/release-qa.php b/include/release-qa.php
index a071ce8574..001f34944b 100644
--- a/include/release-qa.php
+++ b/include/release-qa.php
@@ -75,12 +75,12 @@
         'active'  => true,
         'release' => [
             'type'       => 'RC',
-            'number'     => 1,
-            'sha256_bz2' => 
'e15a82d2841aee277e21506e7e9056747035f0c89f05de7d9d0d4199e872b39f',
-            'sha256_gz'  => 
'ab863318f529ace5e1f96db1670e3ca537d10668fbe055ca76b7d9d098303137',
-            'sha256_xz'  => 
'c5d532ac0d599413a1771ed894102f4d5a255e47a81ffa3475c6dae6d097227a',
+            'number'     => 0,
+            'sha256_bz2' => '',
+            'sha256_gz'  => '',
+            'sha256_xz'  => '',
             'date'       => '18 Jun 2026',
-            'baseurl'    => 'https://downloads.php.net/~calvinb/',
+            'baseurl'    => 'https://downloads.php.net/',
         ],
     ],
 
diff --git a/include/releases.inc b/include/releases.inc
index d926d66322..3e95d3bca0 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,6 +2,42 @@
 $OLDRELEASES = array (
   8 => 
   array (
+    '8.4.22' => 
+    array (
+      'announcement' => 
+      array (
+        'English' => '/releases/8_4_22.php',
+      ),
+      'tags' => 
+      array (
+      ),
+      'date' => '04 Jun 2026',
+      'source' => 
+      array (
+        0 => 
+        array (
+          'filename' => 'php-8.4.22.tar.gz',
+          'name' => 'PHP 8.4.22 (tar.gz)',
+          'sha256' => 
'a012c2c9724baf214a70b41b40a7e130906b8855e54268afa5bc4ae17bc9d823',
+          'date' => '04 Jun 2026',
+        ),
+        1 => 
+        array (
+          'filename' => 'php-8.4.22.tar.bz2',
+          'name' => 'PHP 8.4.22 (tar.bz2)',
+          'sha256' => 
'4b16e7e2c384ce25e07d28eb949855c4b4fe0d1b7b9ec9c8eebd05d0cfa9c532',
+          'date' => '04 Jun 2026',
+        ),
+        2 => 
+        array (
+          'filename' => 'php-8.4.22.tar.xz',
+          'name' => 'PHP 8.4.22 (tar.xz)',
+          'sha256' => 
'696c0f6ad92e94c59059c1eb6e300842b8d050934226efcdf00f2a413cb083cf',
+          'date' => '04 Jun 2026',
+        ),
+      ),
+      'museum' => false,
+    ),
     '8.3.31' => 
     array (
       'announcement' => 
diff --git a/include/version.inc b/include/version.inc
index 92cc729b1d..e3d567e995 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -34,13 +34,13 @@ $RELEASES = (function () {
 
     /* PHP 8.4 Release */
     $data['8.4'] = [
-        'version' => '8.4.22',
-        'date' => '04 Jun 2026',
-        'tags' => [], // Set to ['security'] for security releases.
+        'version' => '8.4.23',
+        'date' => '02 Jul 2026',
+        'tags' => ['security'], // Set to ['security'] for security releases.
         'sha256' => [
-            'tar.gz' => 
'a012c2c9724baf214a70b41b40a7e130906b8855e54268afa5bc4ae17bc9d823',
-            'tar.bz2' => 
'4b16e7e2c384ce25e07d28eb949855c4b4fe0d1b7b9ec9c8eebd05d0cfa9c532',
-            'tar.xz' => 
'696c0f6ad92e94c59059c1eb6e300842b8d050934226efcdf00f2a413cb083cf',
+            'tar.gz' => 
'f43b69572cabfb91c023356f3ce197c782d8a255bc084c1a6af58c0e86cf7573',
+            'tar.bz2' => 
'c142c063b10cff68d072766e3ffbfb3654a089b938668b0830356437ee95e0fa',
+            'tar.xz' => 
'1ab9f52008414e43bb2427ffa288eff2a4de39e1a830f957e800ba368d887a72',
         ]
     ];
 
diff --git a/releases/8_4_23.php b/releases/8_4_23.php
new file mode 100644
index 0000000000..23555cff23
--- /dev/null
+++ b/releases/8_4_23.php
@@ -0,0 +1,16 @@
+<?php
+$_SERVER['BASE_PAGE'] = 'releases/8_4_23.php';
+include_once __DIR__ . '/../include/prepend.inc';
+site_header('PHP 8.4.23 Release Announcement');
+?>
+<h1>PHP 8.4.23 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP 
8.4.23. This is a security release.</p>
+
+<p>All PHP 8.4 users are encouraged to upgrade to this version.</p>
+
+<p>For source downloads of PHP 8.4.23 please visit our <a 
href="https://www.php.net/downloads.php";>downloads page</a>,
+Windows source and binaries can also be found <a 
href="https://www.php.net/downloads.php?os=windows&amp;version=8.4";>there</a>.
+The list of changes is recorded in the <a 
href="https://www.php.net/ChangeLog-8.php#8.4.23";>ChangeLog</a>.
+</p>
+<?php site_footer();

Reply via email to