PHP 8.1.3 Security Release: Bug Fixes and Updates
PHP 8.1.3 has been released as a security‑focused update that fixes numerous core, FFI, filter, FPM, MBString, MySQLnd, pcntl, sockets, and standard extension bugs, and users of the 8.1 series are encouraged to upgrade promptly.
PHP 8.1.3 has been released as a security‑focused update, and the PHP project encourages all users of the 8.1 series to upgrade.
Key changes include:
Core : Fixed bug #81430 (dangling pointer after property instantiation), bug #7896 (environment variable corruption on Windows), bug #7883 (Segfault when INI file is unreadable).
FFI : Fixed bug #7867 (FFI::cast() from pointer to array broken).
Filter : Fixed #81708 – UAF caused by php_filter_float() on integer values (CVE‑2021‑21708).
FPM : Fixed memory leak on invalid port and bug #7842 (invalid OpenMetrics response format on status page).
MBString : Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
MySQLnd : Fixed bug #7972 (MariaDB version prefix 5.5.5‑ not stripped).
pcntl : Fixed build issue for pcntl_rfork on DragonFlyBSD.
Sockets : Fixed bug #7978 (sockets extension compilation error).
Standard : Fixed bug #7899 (regression with negative int values in unpack) and bug #7875 (mail sent even when log throws exception).
For the full changelog, see PHP 8.1.3 changelog .
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Laravel Tech Community
Specializing in Laravel development, we continuously publish fresh content and grow alongside the elegant, stable Laravel framework.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.