WordPress Release: 3.8.20

TL;DR

WordPress 3.8.20 is a maintenance release that fixes a critical bug affecting audio and video functionality when sanitizing ID3 data. The update also includes several build and test tool improvements to enhance development workflow performance.

This release is important for users who rely on WordPress's media handling capabilities, as it resolves an issue where audio and video functions could break due to improper sanitization of metadata. The changes primarily affect developers working with media files and users who upload audio/video content to their WordPress sites.

Highlight of the Release

• Fixed critical bug affecting audio/video functions when sanitizing ID3 metadata
• Improved build and test tools performance for WordPress development
• Enhanced stability for media handling functionality

Migration Guide

No migration steps are required for this update. This is a maintenance release that can be applied through the standard WordPress update process without any special considerations.

Upgrade Recommendations

This update is recommended for all WordPress 3.8 users, particularly those who utilize audio and video functionality on their sites. The fix for ID3 data sanitization addresses a functional issue that could affect media playback and handling.

While WordPress 3.8 is an older version and no longer receives regular updates, this maintenance release addresses a specific functional issue. However, for optimal security and feature support, users are strongly encouraged to upgrade to the latest WordPress version if possible.

Bug Fixes

Audio/Video Function Fix

• Fixed a critical bug where running wp_kses_post_deep() on ID3 tag data was corrupting blob data, causing audio and video functions to break
• This issue was addressed by merging fix [40400] to the 3.8 branch
• References: #40075, #40085

New Features

No new features were added in this maintenance release. WordPress 3.8.20 focuses on bug fixes and performance improvements to the build and test tools.

Security Updates

No specific security fixes were included in this release. The primary focus was on fixing functional bugs and improving build performance.

Performance Improvements

Build/Test Tools Performance Enhancements

• Disabled Xdebug when testing on Travis CI to increase performance (#39978)
• Trimmed the test matrix on Travis by removing PHP 5.3 and 5.4 jobs to speed up the 3.8 branch build (#40407)
• Reversed the order in which Travis jobs run on the 3.8 branch for improved efficiency (#39705)

Impact Summary

WordPress 3.8.20 addresses a specific but important bug that affected audio and video functionality when processing media files with ID3 metadata. The fix ensures that the wp_kses_post_deep() function no longer corrupts blob data when sanitizing ID3 tags, restoring proper functionality to WordPress's media handling capabilities.

Additionally, several improvements to the build and test tools enhance the development workflow, particularly for contributors working with the WordPress codebase. These changes optimize the testing process on Travis CI by disabling Xdebug, trimming the test matrix, and reordering job execution for better performance.

While this is a targeted maintenance release for the 3.8 branch, it's worth noting that WordPress 3.8 is an older version. Users running this version should consider upgrading to a more recent WordPress release to benefit from the latest security updates, features, and performance improvements.