On 19.12.2024 at 23:12, Morgan wrote: > On 2024-12-20 06:46, Calvin Buckley wrote:
>> For source downloads of PHP 8.4.2 please visit our downloads page. >> Windows binaries can be found on the PHP for Windows site. >> The list of changes is recorded in the ChangeLog. > > Interestingly for the Windows builds, > unpacking php-8.4.2-Win32-vs17-x64.zip triggers an alert about Win32/ > GenKryptik.HEXO in deplister.exe from my antivirus software. I presume > that it's a false positive, but it refuses to allow the file. Yeah, that happens from time to time[1], although I don't understand why. The source code[2] doesn't look suspicious to me, and the Windows binaries have been built via GH actions[3], so even if some malicious code had been added there, why would it only affect deplister.exe? [1] <https://github.com/php/php-src/issues/14875> [2] <https://github.com/php/php-src/blob/php-8.4.2/win32/build/deplister.c> [3] <https://github.com/cmb69/php-ftw/actions/runs/12378057884> Christoph
