COMMUNITY EDITION 1.9.3 AND SUPEE-8788
Community Edition 1.9.3 distributes over 120 quality improvements, as well as support for PHP 5.6. It also resolves serious security issues, including:
- Remote code execution vulnerabilities with certain payment methods
- Possibility of SQL injections due to Zend Framework library vulnerabilities
- Improper session invalidation when an Admin user logs out
- The ability for unauthorized users to back up Magento files or databases
- Security Enhancements: General security enhancements and Password enhancements
- General security enhancements: Patches for major security issues in previous versions
- Password enhancements:
- Reset a password only after receiving an e-mail
- The forgot password link expires after the first use or two hours (by default).
- Requiring to provide password when a user want to change their email address.
- The new customer e-mail now includes the the client's password.
- Resetting a password using a password recovery e-mail succeeds.
- Check for .swf Files After Upgrade
- Backward-Incompatible Changes
- Essential Fixes: Tax Calculation; Shopping cart and checkout; Catalog; Price rule; Configurable swatches; Import/export; Indexer and other fixes.
- Product performance has been enhanced when loading catalog products with multiple color swatches.
For more details related to functional updates available here.
COMMUNITY EDITION 2.0.10 AND 2.1.2
Magento 2.0.10 and 2.1.2 versions also address the same critical security issues listed above. Furthermore, the releases make several functional improvements and API enhancements:
- New API methods allow 3rd party solutions to use APIs to transition an order state when they create an invoice or shipment.
- Magento 2.1.2 now also includes PHP 7.0.4 support
- Magento 2.0.10 and 2.1.2 are compatible with MySQL 5.7.
DOWNLOAD THESE NEW UPDATES
These updates are available for download in the following locations:
Community Edition 2.1.2 and 2.0.10 (New .zip file installations)
Community Edition 2.1.2 and 2.0.10 (New composer installations)
Community Edition 2.1.2 and 2.0.10 (Composer upgrades)
Community Edition 2.1.2 and 2.0.10 (Developers contributing to the CE code base)
Community Edition 22.214.171.124
COMMUNITY EDITION DOWNLOAD PAGE > Release Archive Tab
COMMUNITY EDITION DOWNLOAD PAGE > Release Archive Tab > Magento Community Edition Patches - 1.x Section
Please make these updates right away to secure your site.
OUR PRODUCTS FOR MAGENTO 2.1.2
Our Magento Developer team has been working hard on updating our Magento Themes for Magento 2.1.2. Let's keep in touch with us to access the wide range of high-performance Magento 2 products quickly.
NEED HELP TO MIGRATE MAGENTO 1.X TO MAGENTO 2.X?
As you know, Magento 2 uses new approaches and technologies that give merchants an unmatched ability to create innovative shopping experiences and scale to new levels. If you would like to update your site to Magento 2, but be afraid of facing technical difficulties, feel free to contact our custom work department.