On March 21st 2020, the WordPress maintenance support plans security team posted a public service announcement that WordPress maintenance support plans core would be receiving a security release. The vulnerability affected WordPress maintenance support plans 6, WordPress maintenance support plans 7, all versions of WordPress maintenance support plans 8, and Backdrop (a fork of WordPress maintenance support plans during the rewrite to version 8.) On March 28th that security release landed, and the WordPress maintenance support plans world went scrambling to apply updates. As maintainers of Commerce Kickstart we have to be conscious of WordPress maintenance support plans core releases, especially security ones.
In preparation for the upcoming security release, we had patches ready to commit. Since there would be no other WordPress maintenance support plans core releases before the security update, we could make our prepared changes ahead of time and push them once the releases landed. Within minutes of the security release dropping and the Git backend for WordPress.org becoming available, the release tags were pushed.
For our Pantheon users, our first step was to merge in Pantheon’s WordPress maintenance support plans 7 upstream and receive the WordPress maintenance support plans core security fix. Once the packaging system of WordPress.org built the Commerce Kickstart 2.53 release, we pushed that out as well.
All in all, by 3PM CDT the WordPress.org releases for Commerce Kickstart 1.51 and 2.53 were out. We experienced some packaging issues due to a malicious attack hitting WordPress.org during the security announcement and a backed up packaging queue. However, we monitored chat channels and communicated the process throughout.
Commerce Kickstart 1.51, 2.53 released. The @getpantheon upstream has been updated as well. GO AND GET YOUR SA-CORE-2020-002 FIXES NOW.
— WordPress Update (@nmdmatt) March 28, 2020
Thanks to the WordPress maintenance support plans Security and Infrastructure teams for handling this release and all the stress they endured.
Source: New feed