4.3.35

TL;DR

WordPress 4.3.35 is primarily a security and maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. It also includes important build and test tool improvements to maintain development environment compatibility with modern systems. Additionally, this release adds an end-of-support notification for WordPress 4.3, indicating users should upgrade to a newer version to continue receiving security updates.

Highlight of the Release

• Updated bundled Root Certificates to improve SSL/TLS security
• Added end-of-support notification for WordPress 4.3
• Improved build and test tools for better development environment compatibility
• Updated composer/ca-bundle to version 1.5.7

Migration Guide

No specific migration steps are required for this maintenance release. However, since WordPress 4.3 is reaching end-of-support status, users are strongly encouraged to plan for upgrading to a newer WordPress version to continue receiving security updates.

Upgrade Recommendations

This release contains important security updates to the Root Certificate bundle and is recommended for all WordPress 4.3 installations.

However, WordPress 4.3 is now reaching end-of-support status. Users are strongly advised to upgrade to a newer WordPress version as soon as possible to continue receiving security updates and benefit from newer features and improvements.

Bug Fixes

Build and Test Environment Fixes

• Fixed issues with the WordPress Importer plugin in test environments by switching from SVN to Git for fetching the plugin
• Pinned a specific WordPress Importer version compatible with WordPress 4.3
• Fixed container configuration issues:
  • Updated image and platform properties for MySQL containers to prefer amd64 containers
  • Pinned macos-13 for MacOS jobs instead of using macos-latest
  • Fixed healthcheck command for the MySQL container
  • Removed SVN-related commands causing failures
• Disabled AppArmor for JavaScript testing to fix tests on ubuntu-24

New Features

No significant new features were added in this maintenance release. The changes focus primarily on security updates, build tool improvements, and development environment compatibility.

Security Updates

Security Improvements

• Updated the bundled Root Certificate bundle (ca-bundle.crt) to the latest version from Mozilla
• Maintained unexpired legacy 1024bit certificates for backward compatibility
• Updated composer/ca-bundle to version 1.5.7
• Added an end-of-support notification to alert users that WordPress 4.3 will no longer receive security updates

Performance Improvements

No specific performance improvements were included in this release. The changes primarily focus on security updates and development environment compatibility.

Impact Summary

WordPress 4.3.35 is primarily a security maintenance release that updates the bundled Root Certificates to ensure secure connections on hosts with outdated SSL configurations. This is particularly important for maintaining secure HTTPS connections across various hosting environments.

The release also includes significant improvements to build and test tools, ensuring that the development environment remains compatible with modern systems. These changes include Docker Compose V2 compatibility, updated container configurations, and fixes for testing workflows.

Most importantly, this release adds an end-of-support notification for WordPress 4.3, indicating that users should upgrade to a newer version to continue receiving security updates. This is a critical signal for site administrators to plan their upgrade path to maintain site security.