I am currently running WordPress 3.1.2 on PHP 5.1.6. The minimum requirement for WordPress 3.2 is going to be PHP 5.2.4 or greater. If I keep running WordPress 3.1.2 and there is a security issue will they provide security updates for 3.1 or will I be forced to upgrade my version of PHP so that I can upgrade to WordPress 3.2?
Will there be security updates for 3.1 once 3.2 is released?
WordPress backports security updates usually 1-3 versions back but they don’t promise anything.
The WordPress LTS philosophy is that LTS = “Long Term Suckage“
The Long Term Suckage theory is:
Like how your sysadmin doesn’t want to update PHP now that it’s 6 years old and 2 major branches behind.
I would point my sysadmin to this thread from the RedHat mailing list from 2009. There are 3rd party packages available so you don’t have to compile from source
I would be more concerned about PHP 5.1 branch security issues than something that might come up with WordPress.
Edit:
Also found this official RedHat announcement from Jan 2011 RHEL 5 now shipping with PHP 5.3.
No, older versions are not updated.
Aside: PHP 5.1.6 is five years old. Even if WordPress would offer patches for 3.1.2 â you missed more than 100 security fixes for PHP, so WordPress isnât your main problem anyway.
WordPress does not patch older versions, so you will have to upgrade or manually apply patches yourself.