4.1.42

TL;DR

WordPress 4.1.42 is primarily a security and maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. It also includes important build and test tool improvements to maintain development environment compatibility, and adds an end-of-support notification for WordPress 4.1. This release is critical for sites still running WordPress 4.1 to maintain secure connections, though users are strongly encouraged to upgrade to a current WordPress version as this branch is no longer receiving regular security updates.

Highlight of the Release

• Updated bundled Root Certificates to maintain secure connections on hosts with outdated SSL configurations
• Added end-of-support notification for WordPress 4.1 branch
• Improved build and test tools for development environments
• Updated composer/ca-bundle to version 1.5.7

Migration Guide

No specific migration steps are required when updating from WordPress 4.1.41 to 4.1.42.

However, it's important to note that WordPress 4.1 is no longer receiving regular security updates. Site administrators should plan to migrate to a current, supported version of WordPress as soon as possible to ensure continued security and feature support.

Upgrade Recommendations

For sites on WordPress 4.1.41:

• Upgrade to WordPress 4.1.42 is recommended for security improvements.

For all WordPress 4.1.x sites:

• Critical recommendation: Plan to upgrade to the latest WordPress version as soon as possible.
• WordPress 4.1 is no longer receiving regular security updates and is considered end-of-life.
• Continuing to run an unsupported version puts your site at increasing security risk over time.

Bug Fixes

Build and Test Environment Fixes

• Fixed WordPress Importer fetching for tests by switching from SVN to Git
• Pinned a specific Importer version compatible with WordPress 4.1
• Fixed issues with JavaScript testing on Ubuntu 24 by disabling AppArmor
• Fixed bad merge in previous commits related to the WordPress Importer

New Features

No new features were added in this maintenance release. WordPress 4.1.42 focuses on security updates and build tool improvements for the legacy 4.1 branch.

Security Updates

• Updated the bundled Root Certificate bundle (ca-bundle.crt) to the latest version from Mozilla
• Maintained unexpired legacy 1024bit certificates for backward compatibility
• Updated composer/ca-bundle to version 1.5.7
• Added an end-of-support notification to encourage users to upgrade to a supported WordPress version

Performance Improvements

This release does not contain specific performance improvements. The focus was on security updates and maintaining build tool compatibility.

Impact Summary

WordPress 4.1.42 is primarily a security maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. This is critical for maintaining HTTPS connections on older WordPress installations.

The release also improves the development environment for the 4.1 branch with updated Docker configurations, Git-based tooling instead of SVN, and fixes for test environments. These changes won't affect production sites but help maintain the ability to work on this legacy branch.

Most importantly, this release adds an end-of-support notification to inform users that WordPress 4.1 is no longer receiving regular security updates. While this release addresses specific security concerns, users should prioritize upgrading to a current WordPress version to ensure ongoing security and feature support.