Home / Support Blog / Magento Update Released - 11-14-2016

Magento Update Released - 11-14-2016

Magento CE (Community Edition)

A new version of Magento has been released. Since a potential Cross-Site Scripting (XSS) vulnerability was fixed, we're considering this a security fix and we recommend all Magento website owners have this upgrade done.

Since there's a problem using the Magento Connect Manager, we'll just do the upgrade via SSH/SFTP instead.

Magento CE Release Notes (devdocs.magento.com)

This patch addresses the following issues:

We restored the old tax calculation algorithm for shipping charges. The patch to apply new calculation will be available on request.

Resolved an issue with setting the session lifetime to 0.
The monthly cron job that cleans up the table that contains IP addresses and passwords runs properly.

All configurable product images are imported.
You no longer get an exception due to an undefined addCrumbs() method call.
Resolved the error Notice: Undefined index: session_expire_timestamp when accessing the storefront.
Values for drop-down label values are saved correctly.

The "Price as configured" for bundle products displays correctly in the shopping cart.
Auto-generated passwords are sent to new customers as expected.
The method Mage_Api_Model_Server_Handler_Abstract::processingMethodResult() accepts scalar and array values.

The default MySQL Full-Text search works as expected; it no longer returns all products.
Prevented a potential Cross-Site Request Forgery (CSRF) vulnerability by changing the form key when a customer signs out of the storefront.

Prevented a potential Cross-Site Scripting (XSS) vulnerability when adding a category.
Catalog price rules return the correct price.
Indexers now update all products instead of skipping the last product updated.

Note: You currently cannot upgrade to this version using Magento Connect Manager. We expect to resolve this issue soon.

The previous release was on October 11, 2016.

Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.

-Webstix Support

Get found, increase conversion!
Website Marketing
Website Marketing
Get your website noticed and get results.
Design Portfolio
Design Portfolio
Result driven design makes your website work 24/7 for your business.

What Our Clients Say

“Your company and its professionalism are proof positive that distance truly does not matter when completing a large project such as this.”
-Julie Hilliger
Malcolm-Eaton Enterprises
Our Clients Love Us - CLICK
Website Financing Options Available

UW Madison Alumni

Webstix in Madison, WI
730 Rayovac Drive
Madison, WI 53711
Webstix in Michigan
580 E Napier Ave.
Benton Harbor, MI 49022
Webstix in Indiana
316 E Monroe St
South Bend, IN 46601