The WordPress development group, in a chain of mistakes, pushed out an imperfect update that made it difficult to install new WordPress websites. They stopped the update rollout trying to fix that update but that made much more issues, requiring an emergency update to fix all the issues.
The disaster started on October 29, 2020 with a standard update intended to address basic security issues. WordPress 5.5.2 was intended to avoid issues like Cross Site Request Forgeries, XSS (Cross Site Scripting) attacks and more.
Shockingly, the update also presented a bug that caused new WordPress installations to fail. This is how WordPress clarified the bug:
“WordPress 5.5.2 …makes it impossible to install WordPress on a brand new website that does not have a database connection configured. This release does not affect sites where a database connection is already configured, for example, via one-click installers or an existing wp-config.php file.”
So as to fix that issue, WordPress stopped version 5.5.2 from turning out to more sites.
WordPress put the brakes on additional updates. But while the WordPress developers team was caught up with preparing WordPress 5.5.3 ready to fix the past bug, WordPress auto-updates started pushing an update once more.
But because Version 5.5.2 was unavailable, the automated WordPress system chose an Alpha version of WordPress to be downloaded and installed. This Alpha version was not intended to be pushed out through auto-updates.
The issues were presented by the development team because there was no conventional documentation on the best way to stop a WordPress update. Thus, the WordPress team stopped the update in a way that opened the door for the Alpha version to start turning out.
This issue has been addressed so that this situation won’t occur again.
As per the official technical details post:
“…that won’t be done again. Now seems like a good time to document a correct and proper way of “stopping” a release in progress, which honestly had not been attempted before. Stopping a release is actually pretty simple if they had made the correct change, so while their attempt was a reasonable assumption to make, it turned out to be wrong.
The release system is complicated, and trying to do things with it that haven’t been anticipated and documented led to unexpected results. This will be improved through documentation and better code and management of the release system itself.”
The issue with the WordPress Alpha installation was that it presented extra WordPress themes and installed Akismet.
There is evidently nothing amiss with those themes. However, publishers who decide to not remove them will be troubled with keeping them updated. Failure to update those themes could later on represent a security hazard.
As per the WordPress announcement:
“Earlier today the auto-update system for WordPress updated some sites from version 5.5.2 to version 5.5.3-alpha. This was due to an error caused by preparations being made for the 5.5.3 release.
The 5.5.3-alpha version at this point was functionally identical to 5.5.2 as no development work had been started on 5.5.3, however the following changes may have been made:
The default “Twenty” themes installed as part of the pre-release package. The “Akismet” plugin installed as part of the pre-release package.”
A website page, clearly for the Alpha release, was published on October 29, 2020, obviously incorrectly named as Version 5.4.3. I state incorrectly because WordPress 5.4 was delivered in March 2020 and it doesn’t bode well to go in reverse from WordPress 5.5 to a 5.4 version.
The most recent update, Version 5.5.3 is everything version 5.5.2 was intended to be, just without the related issues. WordPress 5.5.3 fixes all the issues presented in the 5.5.2 version.
“This maintenance release fixes an issue introduced in WordPress 5.5.2 which makes it impossible to install WordPress on a brand new website that does not have a database connection configured. This release does not affect sites where a database connection is already configured, for example, via one-click installers or an existing wp-config.php file.
If you are not on 5.5.2, or have auto-updates for minor releases disabled, please manually update to the 5.5.3 version by downloading WordPress 5.5.3 or visiting Dashboard → Updates and click “Update Now.””
Publishers are urged to ensure that they are updated to Version 5.5.3. Versions prior to 5.5.2 contain security issues, so it’s imperative to be updated to the most recent version.
The WordPress 5.5.3 maintenance release contains no apology for the issues, just “thanks and props” to the development team for fixing the problems that they introduced.
We at CodeLedge, are Sweden’s best WordPress Development Services provider. We are the experts at making a website fast and easy to load. Feel free to talk with us at firstname.lastname@example.org or get a quote from here.