PHP 8.1.16 Released!

2 years ago by Ben Ramsey — view source — reply

unread

The PHP development team announces the immediate availability of PHP
8.1.16. This is a security release that addresses CVE-2023-0567,
CVE-2023-0568, and CVE-2023-0662.

All PHP 8.1 users are advised to upgrade to this version.

For source downloads of PHP 8.1.16 please visit our downloads page.
Windows binaries can be found on the PHP for Windows site.
The list of changes is recorded in the ChangeLog.

Release Announcement: https://php.net/releases/8_1_16.php
Downloads: https://php.net/downloads
Windows downloads: https://windows.php.net/download#php-8.1
Changelog: https://php.net/ChangeLog-8.php#8.1.16
Release Manifest:
https://gist.github.com/ramsey/bded81480eb74ca182579849a3c37204

Many thanks to all the contributors and supporters!

Ben Ramsey, Patrick Allaert, & Joe Watkins

php-8.1.16.tar.bz2
SHA256 hash:
95f2e4f2502906ac233217844806018e888135f0718649f4a0a67e40e450ffa1
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPrxc8ACgkQ+cOdwLlp
hUTErQ//bZKk0FKfY7SGFRfveRB4mPOaCodXFAZgOXj8M+Qg9QCP1nx5f/HDlRPm
988yyZjn4LCieCRUZbeqBbxqP/ij+i30jDzSG/FDslqUzwwurnUp2OVMmy3Y78Ev
gMkMUjVZiyMVtkUiLRpP97iNSHv3CffUIjw1oaUuB7iRD+/ufw4oKhpyWSROEArb
bhyU3nkPsHrUt5LHM/7vjqzgetsPsI9YrsWpdVZkLb5q0V3jVCaMMQsH1UAPTMq8
SqBlBFHAxhAzz58/oqBFAodIxOp8aeOVtoxlXleDfGhHuR9LpXAJj/1J/vCYEl5K
d8YMQOM8l+j09z3JVk0+9vEYt0PVQFhfCLwXiTAU1TdIa7N51ka7pET7kRoFg+aC
MidP1rEAB6o58rAvU4uqIopDo960iXUVaJuLTRWrAGuGsW97nzj84F0qRXyk/PDs
E4ttR0umalX0w0GPpuAjuFbZUy9DGzmzzu/gP6vQaq9VosH/2uB7Wxd5D6OthRrN
EhfZY+Q5jN58EFRgYTDBqwDU3gVEPrkIMxNzsaIMm78vdzEHqtWsSkDd/Qt7M4tg
CCK9jrz9Kzytj1T805KPVTTjZTk3WTmWLBrXkBFcDfHmM9T4hWhmhXC5XD9srKi5
aXjic+1MK9zK1wBfev7U3DPHCw3kTVWjrXc5XT2Bix7M21kHN6c=
=dbfQ
-----END PGP SIGNATURE-----

php-8.1.16.tar.gz
SHA256 hash:
cb1f2ef7af37aa9978e7742818d9edbf27b1db009bc3dfefe7dc522cb3d3423d
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPrxdIACgkQ+cOdwLlp
hURrmA/8D8yP02We+9WPAY5LGsnNTC3FJrrONOx3i+sTSj/c6I4+37llxZJqn0Em
4yHr6xBegafas+sgtqpRcTRgEpYCO16thVP7HIRnvcgf+o4axdcIt80BJAPyycnJ
gZpeKDIse9VW0BjFZxrg5klhXYP+05sHj17tIPdsA682jNHHRHC8PkdSWuCqBRMQ
ANkPqG9K7zWwYFZXVAB5XF86SfVmfLvhIIV6/xzQBvg6DjEMedi3t+9NI9cgSFsb
/1XOuA5tiC9qWd/y+IgoCgm5ArrIS7JmXfdLbODWWGYobSl+wqxMj3iEFsT0TMcY
KnArgcigGBwI6bkGp+QN3g8tHFF5J1cLzRNKrH44EupjmvmiuhEYhsGXQ7yKM21y
9BgSudZ60fQhS1KSXngHnNyf6/P4YRkA6B8B2B0OE3fwzywZDdRUBhkLGAKPcmAU
zuNPLC8w6gE72F6Phu64qZLcjb1O8oqXCQIgp/mzjjYcyvOSJUpCCXUUQsIo0AhC
Gp6B1IV4M5zVnyhQhEJR3LJP6SgB/anoRT6074XJTeCfyPucLHB/oad/i0tqslsC
Toe/OkKRbMGvwigwwrWP2NwbDko+q7rFSwl/r5j/TYnEZKJrbMwC4QuYVRRuYgWM
BKa75qRLHF+dm3EduM3AbB+3RlsduD/bl9ZECKhWcaggx2e+Yu8=
=hivW
-----END PGP SIGNATURE-----

php-8.1.16.tar.xz
SHA256 hash:
7108b7347981ad6e610aaf3b3fb0f6444019ab6f59a872c1b55a29bc753eba93
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPrxdQACgkQ+cOdwLlp
hUS/1A//aZ817RF6e+MvXV/ILX3YjO3e6ewzdUyggjxrZa53S4ZTVuYIjylkAhG7
81/YV49VL/m5WWXyxvrGSfJaXI4qy9l1+KUeIQwcWl9CHptWfSkUrxsau6KzqCYj
2OOohBvRp8wv2OXmUImhKHwi95WnPSzCqvwY5v++kjbtLUSlEazIa7uWyj5XsmuY
ko3Qf3rhUDFF9CYGI0ajKsFSkLN4tAUoG6qXEMQJAokGT6OWdPgLzcax9fquhqka
/f2L0by3BmontuGPd+g1hruFIC8o2DART+REVsjtiwjTI3nYotozSXLPtopyTu8+
oVEP+dZuqLOxvbqOxV8N126nCI+8PWdZ4sMj8vGdaSCQI9etmQLG6owVWaenikmC
haabhcf1NRZogpg3o94jt9V+SN/8fqArszHTXvX/NFBlB6j1hTQjqkjeRG6sW7iQ
BfscRqPoyeMNSdVRUilHyN5i0NE6ULEVQkqgid9OAgtfIC/KaYhakjwsOh4XI7Lp
qcy4Ol0TcNlUVwlxa4FDGxHllgdB/tJn97l6iIsZHguoPyCrGfZ3PRwdQj0g8/0w
cRKTwv+8qHFizRltuJaqM9Ic3w6dQokeOjHDXewdaLyIsF7Lqfxbh4ZnXRQ+NVgP
btjyr/Drt+V8Puv+QDgsd0FzUtJr40Hyw8xT7S0/pMC0SEP2uAo=
=PMxC
-----END PGP SIGNATURE

2 years ago by Ben Ramsey — view source — reply

unread

My sincerest apologies to all for the corrupted PHP 8.1.16 tarballs.

I have corrected the problem and uploaded new tarballs.
The new tarballs are available at https://php.net/downloads. However,
due to the caching at our CDN, it may take up to 24 hours for the URLs
to respond with the updated files. If the files you download do not
match the hashes or signatures found below, you may append any query
string parameter to the URLs to bust the cache and download the correct
files.

For example:
https://www.php.net/distributions/php-8.1.16.tar.xz?foo=bar
https://www.php.net/distributions/php-8.1.16.tar.xz.asc?foo=bar

Please note: the hashes and signatures for these tarballs have changed.

The new hashes and signatures are available in the release manifest
at https://gist.github.com/ramsey/bded81480eb74ca182579849a3c37204,
as well as below.

Again, I am very sorry for the inconvenience, and I am making changes
to my packaging process to ensure this does not happen again.

Cheers,
Ben Ramsey

php-8.1.16.tar.bz2
SHA256 hash:
cd9f0ea14d82d9455587a49a0b6c802a7b8d8ff79703f9f48b17db010fb633ce
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPr2q0ACgkQ+cOdwLlp
hUQdmRAAlDjcLMjPR899H4cBBZx0LeJYyCljB92S0wyhgSXf2zj+BIzzLv78QgZ2
+8q3JeXRc86+eVRzoR4DXEsnIM2frwBNusqe8IoMfTomk8ySXECiM8Jk+gOounZl
+YEWVWhnlsfc10Onelu4WsHbgs2nzwL5J7z1muhiuG+6WRYa3ulsdBriZ6cp5g3b
qNiFjn3sjt0Br0JV8EvDI2irzTc3GeYpUl2NgYyaJPexeRpDqikT7N9q1A4aQyvN
ehBmVKZGlsj3CP54fCxSSUAF600Z483cKpJiPcGmAl8tUkKkrakXcQh6vFk7fLpd
cFZItRWdnwN5S6cLJfy6Bt7bvrmwSTHHJcV7UAIa+/lej4YB3PY3zdgMOd0Bu+il
jK+jwQsE2Zwg8xsPtZ0K2/nJgtwEeFcGkqCU6jqaU2Ot4uJtfloPgcW0atD9M/J9
Ljn/pXH/fZWhk2sxZUopqQE7C92RuIYwxhXJGQSnLJAjiYH4pLoTiHiO3BcOh3Gn
GKyujYcPAV1c5njh0gImtl+VKCdm+E4fdpOLpwBs2V5PEg2CDPpJIvFLh/5gEyTh
IC1ACUFHCl9n08kMxPTyS2CMJzhe93pf2DMmDkMwA3fTe1nfkp5/l37ot/B4ZdxR
2eitIolCV16ghTPiI8jEzC89tJ4wBUxCnjfBCRp73fvgrL1o0DE=
=NOkP
-----END PGP SIGNATURE-----

php-8.1.16.tar.gz
SHA256 hash:
a929fb9ed3bc364a5dea4f64954e8aaaa3408b87df04d7c6f743a190f5594e84
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPr2q0ACgkQ+cOdwLlp
hUSTnhAApBGA24dVyaDfokgewKIoftEkS146yfmbCuIKhevQW2ZCaH1bvFRzYi1S
Qoq2AeVYjuNhv3kuqwcN0qYQq493lUyuLjJZAGdyWUSK2pEaZTXVEI0g0PRAV4Yr
vPD5ZA82CAOLcK0vAUyqRRl5MTEgqViujYj3ixRwHC73kzQhwRC8MMK0XUWMSuxJ
dNsfYgh8bFzhsYsuNsKL7bmq2rhPS0jRJWmJIk7J4lmkoYQ2EUohCh/boa5m9h2g
v6w/98uZ12meGkGE1tT4LOdRBm2TAzTC1STwAC/el7ouN2ryilNU2Xz30T/IuDvA
Rcr83somSQ0AFTVnRCorRQKdhYyt5Km2wrQ1gytq0CYqEm1zDWwQQ6PULN75Jcpt
TC4annxwt3KhfnTZ85sfYRdnEmOgTeVxDktUryPachMfCQSiz5T6Az4Zu2elgqdU
8/xDOxuP7uy46olF1uFxpeL08k9SeLHMOycJHzoKmcsk2DNL+hdnpyRPVo7VWU92
2V0wTlP4YehXh2kbnpiJ+mM4uX4nICI/ioOCzP4nx/hRZ8P988046N1ZW8258dp7
Tkan6rz1z/L0CkNTJbAwJc/DJHgWIykKbXvhCb67rO2f4P6jBSIk7cinUbP01w1W
UfAaEtdHpEOZp5iUHYt1JPKEdlUTsMEkBbTufYA7rCYRtwlB31M=
=/+ux
-----END PGP SIGNATURE-----

php-8.1.16.tar.xz
SHA256 hash:
d61f13d96a58b93c39672b58f25e1ee4ce88500f4acb1430cb01a514875c1258
PGP signature:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmPr2q0ACgkQ+cOdwLlp
hURNOw//ejI5fWNg8xcVFnjiWtCOj9U4HwyVxHdEXJOOQrdZV3MFf1bG/yTi4jSh
GCSRO8tUbW3n8FzWRYRv938YEky2bl64IU2bgKIxvQmmIq6pEjRrLWCuY71RJIJO
QvwvZUo9GQPPnwfoJLFhtv4GWcPUM1+Cpi/SNU7vX4C1vMsO7ZClyAu57Wtg37Rm
x3N9r/tY/lG+hOFg0ELLZ5BYPKSebulvXYTS5hF5o4i3mXZJnaGMbKjjVyHtD/Lg
CVdiJlmhZ7aF+IWHtUnX+/z+FMD7FnpkqRSABAHRFjdxs6id83ymKNCDMNtPFZYe
F7V/IFMjBGfy9SxDnBuYFeiPBg9NiYGNubKFq+IUX2CX1QL+AP3+VUPaUka77Zix
18F8nV+BwxEouuyQhsUYcd81+e4D7H6IrpSQacJmlcL8oQmFALLdHkPNZia/F/vb
0r+UB0dnwKKRJ8udgddv4TC0r4pYujwGumZmo9K3spSVoI8RT9IrjIE3gugFKsmt
MvSIzg4AxttNcAjv7gDv1/JxBUNp5FLLKhLbMT4E4rI67ZRNKzD3GHz1uObNodK9
fQvbUPWW/I2dRxid0ZAJwYPYmy8ULaGg8CdYebELka5gbd0Prk79B0Y0Nu2Hkjdg
3Ns6ERkcb2b/5WD18iJ+1rLdx0QlxzlwMviFLwMGEy9KjxTbK9I=
=+oRb
-----END PGP SIGNATURE