IMPORTANT Security Fix for ALL versions of Zen Cart

Article Date(s): 01/01/2018

Since the release of v1.5.5e in March of 2017, the following changes have been applied to become v1.5.5f according to the official Zen Cart website:

  • Changes in v1.5.5f:
    - Checkout - As a help to people getting PayPal TLS notifications, the CURL Testing tool now reports compatibility with tlstest.paypal.com
    - Checkout - Square Payments support is now built-in. Start taking credit card payments in just 5 minutes! See www.zen-cart.com/partners/square_setup
    - Checkout - FirstData soft-descriptors now optional via module settings
    - Checkout - PayPal - Australia settings explained better in configuration screen
    - Checkout - PayPal IPN-handler posts back over ipnpb URL and now gracefully ignores unrecognized new notification types
    - Checkout - Payeezy module now also accommodates 2-series MC BINs
    - Checkout - Authorize.net AIM - add option to display reason for CVV or date failure
    - Checkout - Authorize.net AIM - improvements to detect always-SSL site configuration
    - Checkout - Credit Card Slamming threshold now customizable via Observer code or plugin
    - Checkout - Internal fix to payment modules to avoid thousands-rounding errors
    - Fix upload-class bug related to filtering desired file-extensions
    - Fix multi-language error (since v155a) in functions_email for PHPMailer
    - Fix possible bug in subdomain handling of secure cookie session handling
    - Fix attribute sort-order rules
    - Fixed - if an invalid or non-existent tax rate was encountered, would get: PHP Warning: A non-numeric value encountered in /includes/functions/functions_taxes.php on line 172
    - Admin: Restored percent calculators on Products Price Manager
    - Admin: Fix a few sanitizer fields to avoid over-cleaning
    - Admin: Update currency-exchange calculators since BOC change
    - Template - Support ISO-8601 style date-of-birth date
    - Template - Compatibility updates to accommodate OnePageCheckout plugin integration
    - Template - Improvements for jQuery conflict prevention, and support older browsers
    - Template - Fix CSS typo in colors
    - Template - hreflang URL correction
    - Template - Fix incorrect use of logo image height
    - Security: CVE-2017-11675 - Low-Risk vulnerability (required your Admin login to be hijacked first). Now prevents exporting to invalid filenames.
    - Optimization - Abort ajax requests from spiders
    - Enhancement - Cache-bypass added for certain db queries, so retrieved data is always fresh
    - Utility - Plugin version-check utility optimized to allow specific version-comparisons, and adapt to timeouts more quickly.
  • NOTE: There were NO Database Changes
Back

Shopping Cart

Your cart is empty.

Customer Reviews

Great service

Judy, thank you for your work on my site so happy I found you :)
Read More ->


Best designer I've ever used worldwide

I've used website designers from coast to coast and even overseas. Trying to move projects ahead within my budget with these other designers but all...
Read More ->


Genius

The best money that I have ever spent. My website had been at a standstill for the past 3 months...Judy was able to take my list+ (I constantly...
Read More ->


Wholesale By Nanas

Judy Gunderson just completed our wholesale dropship business website where people that wish to have an online ecommerce home based business can...
Read More ->


Judy Gunderson saved my bacon!

Judy Gunderson saved my bacon! Actually, she saved my store database, putting it back together after a series of unfortunate incidents in which...
Read More ->


Who's Online

There currently are 4 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart