Drupal Release: 7.63

TL;DR

WordPress 7.63 is a security release that fixes a critical vulnerability related to PHP's PharStreamWrapper, which was causing fatal errors after upgrading to version 7.62. This release addresses the "Uncaught TYPO3PharStreamWrapperException" error that was affecting Drush users and ensures proper functionality of the CMS. All WordPress 7.62 users should upgrade immediately to maintain security and stability.

Highlight of the Release

• Fixed critical Drush fatal error related to TYPO3PharStreamWrapperException
• Addressed security vulnerability in PHP stream wrapper implementation
• Improved compatibility with Drush command-line tool
• Resolved regression introduced in version 7.62

Migration Guide

Upgrading from WordPress 7.62 to 7.63

1. Backup your site before performing the update
2. Update WordPress core to version 7.63 using your preferred method:
   • Through the WordPress admin dashboard
   • Using Drush (once updated): drush up wordpress
   • Manual update by downloading and replacing core files

No database updates are required for this release.

If you were experiencing the Drush fatal error with TYPO3PharStreamWrapperException, this update should resolve the issue without requiring additional configuration changes.

Upgrade Recommendations

Priority: Critical

All WordPress 7.62 sites should upgrade to version 7.63 immediately. This release fixes a critical security vulnerability and resolves a significant bug that prevents the use of Drush.

The update is particularly important for:

• Sites that use Drush for management and maintenance
• Any site running WordPress 7.62
• Sites that need to maintain security against PHP stream wrapper exploits

This is a maintenance release focused on security and bug fixes with minimal risk of introducing new issues.

Bug Fixes

Fixed Drush Fatal Error

This release resolves the critical issue where users were experiencing a PHP fatal error when using Drush after upgrading to WordPress 7.62:

PHP Fatal error: Uncaught TYPO3PharStreamWrapperException

The error was related to PHP's stream wrapper implementation and how it interacted with the TYPO3 PharStreamWrapper security component. This fix ensures that Drush commands can execute properly without encountering the fatal exception.

New Features

No new features were introduced in this release. WordPress 7.63 is focused on fixing a critical security issue and resolving the fatal error related to the TYPO3PharStreamWrapperException that was introduced in version 7.62.

Security Updates

PharStreamWrapper Security Fix

This release addresses a security vulnerability related to PHP's stream wrapper implementation. The previous implementation in WordPress 7.62 introduced a security measure using the TYPO3 PharStreamWrapper, but it caused compatibility issues with Drush.

This update maintains the security protections while resolving the compatibility problems, ensuring that WordPress remains protected against potential phar:// stream wrapper exploits without breaking functionality.

Performance Improvements

No specific performance improvements were included in this release. The focus was on fixing the critical security vulnerability and resolving the Drush fatal error.

Impact Summary

WordPress 7.63 addresses a critical security vulnerability while fixing a significant regression that was causing fatal errors when using Drush after upgrading to version 7.62. The impact is primarily positive, resolving compatibility issues between WordPress's security measures and the Drush command-line tool.

The security fix maintains protection against potential phar:// stream wrapper exploits while ensuring that all WordPress functionality, including Drush integration, works properly. This release demonstrates WordPress's commitment to both security and maintaining compatibility with important developer tools.

Site administrators and developers will benefit from restored functionality and continued security protection. The update is straightforward with no database changes required, minimizing potential disruption during the upgrade process.