Important Magento Security Update -Community Editions 1.5.0.0-1.9.2.2: SUPEE-7405 and SUPEE-7616 or upgrade to Community Edition 1.9.2.3

Es gibt ein neuen Magento Security Update. Was es damit genau aufsich hat weiß ich noch nicht. Es wird in den nächsten Tagen vermutlich mehr Infos geben.

 

Die Patches sind:

Community Editions 1.5.0.0-1.9.2.2: SUPEE-7405 and SUPEE-7616 or upgrade to Community Edition 1.9.2.3

bzw.

Community Edition 2.0.0: Upgrade to Community Edition 2.0.1

Hier zur offiziellen Seite:

https://community.magento.com/t5/News-Announcements/Important-New-Security-Releases-and-Patches/m-p/26736

 

Hier die Release Notes (steht jedoch nicht wirklich was informatives drin…)

http://merch.docs.magento.com/ce/user_guide/magento/release-notes-ce-1.9.2.3.html

Wer hat nähere Informationen? Gerne in die Kommentare

 

Hier die Mail von Magento

 

Patch or Upgrade Your Site Now

Today, we are making new releases and patches available to improve the security and functionality of Magento sites. While there are no confirmed attacks related to the security issues, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. The security issues vary across products and all versions of Magento are affected. Full articles about the Magento 1.x and Magento 2.x issues are posted in the Magento Security Center. Additionally, all new releases and a separate USPS patch support recent USPS changes.

The Magento 2.0.1 releases also contain several important functional updates, including official support for PHP7.0.2, which provides dramatic performance improvements, drastically reduces memory consumption, and supports brand-new PHP language features. More information on these updates is posted in the Community and Enterprise Edition release notes.

We strongly encourage you to implement the following patches or upgrades:

Enterprise Editions 1.9.0.0-1.14.2.2: SUPEE-7405 and SUPEE-7616 or upgrade to Enterprise Edition 1.14.2.3
Community Editions 1.5.0.0-1.9.2.2: SUPEE-7405 and SUPEE-7616 or upgrade to Community Edition 1.9.2.3
Enterprise Edition 2.0.0: Upgrade to Enterprise Edition 2.0.1
Community Edition 2.0.0: Upgrade to Community Edition 2.0.1

DOWNLOADING THE UPDATES
To download a patch or release, choose from the following options:

Enterprise Edition Merchants:

Enterprise Edition 1.14.2.3

My Account > Downloads Tab > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x Release > Version 1.14.2.3

SUPEE-7405 (Security Enhancements)

My Account > Downloads Tab > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x Release > Support Patches / Security Patches > Security Patches – January 2016

SUPEE-7616 (USPS Changes)

My Account > Downloads Tab > Magento Enterprise Edition 1.X > Magento Enterprise Edition 1.x Release > Support Patches / Security Patches > USPS API – January 2016

Enterprise Edition 2.0.1 (New Installations)

My Account > Downloads Tab > Magento Enterprise Edition 2.X > Magento Enterprise Edition 2.x Release > Version 2.0.1

Enterprise Edition 2.0.1 (Upgrade an Existing Installation)

http://devdocs.magento.com/guides/v2.0/comp-mgr/bk-compman-upgrade-guide.html
Community Edition Merchants:

Community Edition 1.9.2.3

Community Edition Download Page > Release Archive Tab

SUPEE-7405 (Security Enhancements)

Community Edition Download Page > Release Archive Tab > Magento Community Edition Patches – 1.x Section

SUPEE-7616 (USPS Changes)

Community Edition Download Page > Release Archive Tab > Magento Community Edition Patches – 1.x Section

Community Edition 2.0.1 (New Installations)

Community Edition Download Page > Download Tab

Community Edition 2.0.1 (Upgrade an Existing Installation)

http://devdocs.magento.com/guides/v2.0/comp-mgr/bk-compman-upgrade-guide.html

Community Edition 2.0.1 (Developers Contributing Code to the CE Code Base)

http://devdocs.magento.com/guides/v2.0/install-gde/install/cli/dev_options.html

Be sure to install all previous patches, if you haven’t done so already, and use this occasion to do a security assessment of your systems in accordance with our Security Best Practices. Patches should be installed and tested in a development environment before being put into production. All previous USPS patches must be installed for the new patch (SUPEE-7616) to work.

Thank you for your attention and continued support.

Best regards,
The Magento Team

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.