4.2.39

TL;DR

WordPress 4.2.39 is primarily a security and maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. It also includes important build and test tool improvements to maintain development environment compatibility with modern systems. Additionally, this release adds an end-of-support notification for WordPress 4.2, indicating users should upgrade to a newer version to continue receiving security updates.

Highlight of the Release

• Updated bundled Root Certificate bundle to the latest version from Mozilla
• Added end-of-support notification for WordPress 4.2
• Migrated to Docker Compose V2 for improved development environment compatibility
• Updated composer/ca-bundle to version 1.5.7

Migration Guide

End of Support Notice

WordPress 4.2 has reached its end of support. This means:

1. No further security updates will be provided for WordPress 4.2
2. Sites running WordPress 4.2 may become vulnerable to security issues
3. Users should plan to upgrade to a supported WordPress version as soon as possible

Upgrading from WordPress 4.2

To upgrade from WordPress 4.2 to a supported version:

1. Back up your website files and database
2. Consider upgrading incrementally through major versions (4.2 → 4.5 → 4.9 → 5.x) to minimize compatibility issues
3. Test your themes and plugins for compatibility with newer WordPress versions
4. Review the WordPress documentation for detailed upgrade instructions

Upgrade Recommendations

For sites still running WordPress 4.2.38:

• Immediate upgrade to WordPress 4.2.39 is recommended to ensure you have the latest security updates available for this branch.

For all WordPress 4.2.x sites:

• Critical migration needed to a supported WordPress version as soon as possible. WordPress 4.2 has reached end-of-support status and will no longer receive security updates.
• Consider working with a WordPress professional to plan and execute your upgrade path if you're managing a complex site with custom themes or plugins.

Bug Fixes

Development Environment Fixes

• Fixed issues with the WordPress Importer plugin in tests by switching from SVN to Git for fetching the plugin
• Pinned a specific WordPress Importer version compatible with WordPress 4.2
• Fixed container architecture issues by updating the MySQL container to always prefer amd64 containers
• Fixed JavaScript testing on Ubuntu 24 by disabling AppArmor
• Fixed SVN-related commands that were causing failures in CI workflows

New Features

No new features were added in this maintenance release. The focus was on security updates and maintaining compatibility with modern development environments.

Security Updates

• Updated the bundled Root Certificate bundle (ca-bundle.crt) to the latest version from Mozilla
• Maintained backward compatibility by keeping all unexpired legacy 1024bit certificates
• Updated composer/ca-bundle to version 1.5.7
• Added end-of-support notification to alert users that WordPress 4.2 will no longer receive security updates

Performance Improvements

No specific performance improvements were included in this release. The changes were focused on security updates and development environment compatibility.

Impact Summary

WordPress 4.2.39 is primarily a security maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. This is crucial for maintaining the security of WordPress sites still running version 4.2.

The release also marks the end-of-support for WordPress 4.2, with a notification added to alert administrators that they need to upgrade to a newer version to continue receiving security updates. This is a significant milestone as it officially signals that no further security patches will be provided for the 4.2 branch.

For developers, the release includes several improvements to the build and test tools, ensuring that local development environments continue to work with modern systems. This includes migration to Docker Compose V2, updates to container configurations, and fixes for test workflows.

While this release helps maintain security for sites still on WordPress 4.2, the clear message is that administrators should plan to upgrade to a supported WordPress version as soon as possible to ensure ongoing security and compatibility.