Magento Expert Forum - Improve your Magento experience
-
New Magento Security Patch SUPEE-6788
Magento has just released a new security update for their Community and Enterprise users. The security patch is called SUPEE-6788 and it fixes over 10 different security issues in Magento. The update is so big, that a lot of people might even experience broken extensions after installing the security patch. You can see how this patch will affect your code in this document: http://codingbasics.net/Magento-Patc...al-Details.pdf
Patches are available for Magento Enterprise Edition 1.7 and later releases and Magento Community Edition 1.4 and later releases.
Source: http://codingbasics.net/magento-secu...llation-guide/
View more threads in the same category:
-
-
Junior Member
Our customers are asking a lot of questions about this latest security patch and its influence on performance of some extensions. We’ve compiled the most popular questions about the issue and answered them for your convenience.
As for the list of extensions found at http://codingbasics.net/magento-exte...th-supee-6788/ , we've already updates most of them.
Please visit to find all the necessary info https://blog.amasty.com/supee-6788-q...ity-important/
-
-
How to install SUPEE-6788
In most cases this patch can be applied safely. However, as always, we recommend to test extensively on a testing/staging environment. (Hypernode users can set-up a basic staging environment).
Some parts of this patch are optional, because it breaks backward compatibility with many extensions. So Magento has made a switch in the back-end to enable this extra measure. The rest of the patch can be applied relatively safely. Take note of the following issues (that will only affect a small number of installs):
Have a custom <code>customer/form/register.phtml</code> template? It will break if you don’t add a form_key.
Do you use non-standard variables in CMS pages, static blocks or email templates? They need to be whitelisted.
Do you run the Magento cron through HTTP are are you using Apache? There is a new access control on cron.php, so you should change the .htaccess to include your local IP, or (better yet) run the cron through commandline PHP.
-
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Bookmarks