WordPress recently released version 4.9.3, fixing 34 bugs in all 4.9 versions, including fixes for widgets, visual editor, customizer changesets, and PHP 7.2 compatibility.
However, WordPress v4.9.3 included a bug which interrupts the auto-update process. When WordPress attempts to update itself, the bug causes a lethal PHP error and stops it from updating.
WordPress is a leading content management system, used by 29% of all the websites on internet. Millions of websites auto-updated from 4.9.2 to 4.9.3 this month, and it broke their auto-update ability in future.
The auto-update feature in WordPress was added four years ago with WordPress 3.7 release. This feature kept the websites secure and bug-free, even if the users didn’t do it themselves. The auto-update ability was available till v4.9.2 which was released last month.
WordPress developers created a #43103 TTL logic in 4.9.3 to reduce the number of API calls, which causes WordPress to check for updates more often. Due to human error, the final commit didn’t have the intended effect.
“For whatever reason, the fatal error wasn’t discovered before 4.9.3’s release – it was a few hours after release when discovered,” wrote Dion Hulse, Lead Developer at WordPress in a blog post.
WordPress has now released 4.9.4, which is the first minor release in over four years. The time difference between releases of 4.9.3 and 4.9.4 is only a day. The latest WordPress version includes fixes for auto-update bug.
Unfortunately, the WordPress administrators will have to proceed with manual WordPress update, through WordPress admin-panel. Once the users update to latest version, their sites will be able to update themselves automatically, as normal.
“WordPress 4.9.3 and 4.9.4 do not include any security fixes, however, in order for WordPress to receive future security updates automatically sites will first need to be updated to 4.9.4,” added Hulse.