diff --git a/NEWS b/NEWS
index 4fbc7e89eb11..ac3381900831 100644
--- a/NEWS
+++ b/NEWS
@@ -21,6 +21,9 @@ PHP                                                                        NEWS
   . Deprecate specifying a nullable return type for __debugInfo(). (timwolla)
   . Fixed bug GH-22142 (Assertion failure in zendi_try_get_long() on IS_UNDEF).
     (David Carlier)
+  . Fixed bug GH-22046 (The unserialize function can lead to segfault when
+    non-Serializable internal classes are serialized back with the C format).
+    (kocsismate)
 
 - BCMath:
   . Added NUL-byte validation to BCMath functions. (jorgsowa)
@@ -70,6 +73,8 @@ PHP                                                                        NEWS
 - Intl:
   . Fixed malformed ResourceBundle::get() error message when fallback is
     disabled. (Weilin Du)
+  . Fixed IntlTimeZone::getDisplayName() to synchronize object error state
+    for invalid display types. (Weilin Du)
   . Added IntlNumberRangeFormatter class to format an interval of two numbers
     with a given skeleton, locale, collapse type and identity fallback.
     (BogdanUngureanu)
diff --git a/UPGRADING.INTERNALS b/UPGRADING.INTERNALS
index c340ba64833c..dd4b9840aee3 100644
--- a/UPGRADING.INTERNALS
+++ b/UPGRADING.INTERNALS
@@ -135,6 +135,8 @@ PHP 8.6 INTERNALS UPGRADE NOTES
     . --with-pic is now --enable-pic. The old flag will result in an error.
   . Symbol HAVE_ST_BLOCKS has been removed from php_config.h (use
     HAVE_STRUCT_STAT_ST_BLOCKS).
+  . Added a new configure option --disable-apache2-conf to prevent apxs from
+    editing httpd.conf during installation.
 
 - Windows build system changes:
   . Function SETUP_OPENSSL() doesn't accept 6th argument anymore and doesn't
diff --git a/ext/intl/tests/timezone_getDisplayName_error.phpt b/ext/intl/tests/timezone_getDisplayName_error.phpt
index ca845b2830ed..032b22e50908 100644
--- a/ext/intl/tests/timezone_getDisplayName_error.phpt
+++ b/ext/intl/tests/timezone_getDisplayName_error.phpt
@@ -8,8 +8,12 @@ intl
 $tz = IntlTimeZone::createTimeZone('Europe/Lisbon');
 var_dump($tz->getDisplayName(false, -1));
 echo intl_get_error_message(), PHP_EOL;
+var_dump($tz->getErrorCode());
+echo $tz->getErrorMessage(), PHP_EOL;
 
 ?>
 --EXPECT--
 bool(false)
 IntlTimeZone::getDisplayName(): wrong display type: U_ILLEGAL_ARGUMENT_ERROR
+int(1)
+IntlTimeZone::getDisplayName(): wrong display type: U_ILLEGAL_ARGUMENT_ERROR
diff --git a/ext/intl/timezone/timezone_methods.cpp b/ext/intl/timezone/timezone_methods.cpp
index 29180f9caa2d..8f70a87487ac 100644
--- a/ext/intl/timezone/timezone_methods.cpp
+++ b/ext/intl/timezone/timezone_methods.cpp
@@ -483,13 +483,16 @@ U_CFUNC PHP_FUNCTION(intltz_get_display_name)
 		RETURN_THROWS();
 	}
 
+	TIMEZONE_METHOD_FETCH_OBJECT;
+
 	bool found = false;
 	for (int i = 0; !found && i < sizeof(display_types)/sizeof(*display_types); i++) {
 		if (display_types[i] == display_type)
 			found = true;
 	}
 	if (!found) {
-		intl_error_set(NULL, U_ILLEGAL_ARGUMENT_ERROR, "wrong display type");
+		intl_errors_set(TIMEZONE_ERROR_P(to), U_ILLEGAL_ARGUMENT_ERROR,
+			"wrong display type");
 		RETURN_FALSE;
 	}
 
@@ -497,8 +500,6 @@ U_CFUNC PHP_FUNCTION(intltz_get_display_name)
 		locale_str = intl_locale_get_default();
 	}
 
-	TIMEZONE_METHOD_FETCH_OBJECT;
-
 	UnicodeString result;
 	to->utimezone->getDisplayName((UBool)daylight, (TimeZone::EDisplayType)display_type,
 		Locale::createFromName(locale_str), result);
diff --git a/ext/standard/tests/serialize/serialization_objects_009.phpt b/ext/standard/tests/serialize/serialization_objects_009.phpt
index 9485f3ef8068..95b85ccd80f7 100644
--- a/ext/standard/tests/serialize/serialization_objects_009.phpt
+++ b/ext/standard/tests/serialize/serialization_objects_009.phpt
@@ -8,17 +8,16 @@ eval('class C {}');
 $b = unserialize($ser);
 
 var_dump($a, $b);
-
 echo "Done";
 ?>
 --EXPECTF--
-Warning: Class __PHP_Incomplete_Class has no unserializer in %sserialization_objects_009.php on line %d
+Warning: Class __PHP_Incomplete_Class has no unserializer in %s on line %d
+
+Warning: unserialize(): Error at offset 11 of 18 bytes in %s on line %d
+
+Warning: Class C has no unserializer in %s on line %d
 
-Warning: Class C has no unserializer in %sserialization_objects_009.php on line %d
-object(__PHP_Incomplete_Class)#%d (1) {
-  ["__PHP_Incomplete_Class_Name"]=>
-  string(1) "C"
-}
-object(C)#%d (0) {
-}
+Warning: unserialize(): Error at offset 11 of 18 bytes in %s on line %d
+bool(false)
+bool(false)
 Done
diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re
index d5019d94dc0c..484cb5aa8fc9 100644
--- a/ext/standard/var_unserializer.re
+++ b/ext/standard/var_unserializer.re
@@ -770,7 +770,7 @@ static inline int object_custom(UNSERIALIZE_PARAMETER, zend_class_entry *ce)
 
 	if (ce->unserialize == NULL) {
 		zend_error(E_WARNING, "Class %s has no unserializer", ZSTR_VAL(ce->name));
-		object_init_ex(rval, ce);
+		return 0;
 	} else if (ce->unserialize(rval, ce, (const unsigned char*)*p, datalen, (zend_unserialize_data *)var_hash) != SUCCESS) {
 		return 0;
 	}
diff --git a/ext/uri/tests/gh22046.phpt b/ext/uri/tests/gh22046.phpt
new file mode 100644
index 000000000000..af297905aa30
--- /dev/null
+++ b/ext/uri/tests/gh22046.phpt
@@ -0,0 +1,19 @@
+--TEST--
+GH-22046: The unserialize function can lead to segfault when internal classes are serialized back with the unsupported C format
+--FILE--
+<?php
+
+$payload = 'C:14:"Uri\WhatWg\Url":0:{}';
+unserialize($payload);
+
+$payload = 'C:15:"Uri\Rfc3986\Uri":0:{}';
+unserialize($payload);
+?>
+--EXPECTF--
+Warning: Class Uri\WhatWg\Url has no unserializer in %s on line %d
+
+Warning: unserialize(): Error at offset 25 of 26 bytes in %s on line %d
+
+Warning: Class Uri\Rfc3986\Uri has no unserializer in %s on line %d
+
+Warning: unserialize(): Error at offset 26 of 27 bytes in %s on line %d
diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4
index e335721f19e9..3001a4d61d9a 100644
--- a/sapi/apache2handler/config.m4
+++ b/sapi/apache2handler/config.m4
@@ -6,6 +6,15 @@ PHP_ARG_WITH([apxs2],
   [no],
   [no])
 
+PHP_ARG_ENABLE([apache2-conf],
+  [whether to activate the PHP module in Apache httpd.conf via apxs],
+  [AS_HELP_STRING([--disable-apache2-conf],
+    [Do not activate the PHP module in the Apache httpd.conf during installation
+    via apxs. Useful when installing into a staging directory or when Apache
+    configuration is managed separately (e.g., via a2enmod).])],
+  [yes],
+  [no])
+
 if test "$PHP_APXS2" != "no"; then
   AS_VAR_IF([PHP_APXS2], [yes], [
     APXS=apxs
@@ -69,7 +78,7 @@ if test "$PHP_APXS2" != "no"; then
     [AC_MSG_ERROR([Please note that Apache version >= 2.4 is required])])
 
   APXS_LIBEXECDIR='$(INSTALL_ROOT)'$($APXS -q LIBEXECDIR)
-  if test -z $($APXS -q SYSCONFDIR); then
+  if test -z $($APXS -q SYSCONFDIR) || test "$PHP_APACHE2_CONF" = "no"; then
     INSTALL_IT="\$(mkinstalldirs) '$APXS_LIBEXECDIR' && \
                  $APXS -S LIBEXECDIR='$APXS_LIBEXECDIR' \
                        -i -n php"