IMPORTANT Security Fix for ALL versions of Zen Cart

Article Date(s): 01/01/2018

Since the release of v1.5.5e in March of 2017, the following changes have been applied to become v1.5.5f according to the official Zen Cart website:

  • Changes in v1.5.5f:
    - Checkout - As a help to people getting PayPal TLS notifications, the CURL Testing tool now reports compatibility with tlstest.paypal.com
    - Checkout - Square Payments support is now built-in. Start taking credit card payments in just 5 minutes! See www.zen-cart.com/partners/square_setup
    - Checkout - FirstData soft-descriptors now optional via module settings
    - Checkout - PayPal - Australia settings explained better in configuration screen
    - Checkout - PayPal IPN-handler posts back over ipnpb URL and now gracefully ignores unrecognized new notification types
    - Checkout - Payeezy module now also accommodates 2-series MC BINs
    - Checkout - Authorize.net AIM - add option to display reason for CVV or date failure
    - Checkout - Authorize.net AIM - improvements to detect always-SSL site configuration
    - Checkout - Credit Card Slamming threshold now customizable via Observer code or plugin
    - Checkout - Internal fix to payment modules to avoid thousands-rounding errors
    - Fix upload-class bug related to filtering desired file-extensions
    - Fix multi-language error (since v155a) in functions_email for PHPMailer
    - Fix possible bug in subdomain handling of secure cookie session handling
    - Fix attribute sort-order rules
    - Fixed - if an invalid or non-existent tax rate was encountered, would get: PHP Warning: A non-numeric value encountered in /includes/functions/functions_taxes.php on line 172
    - Admin: Restored percent calculators on Products Price Manager
    - Admin: Fix a few sanitizer fields to avoid over-cleaning
    - Admin: Update currency-exchange calculators since BOC change
    - Template - Support ISO-8601 style date-of-birth date
    - Template - Compatibility updates to accommodate OnePageCheckout plugin integration
    - Template - Improvements for jQuery conflict prevention, and support older browsers
    - Template - Fix CSS typo in colors
    - Template - hreflang URL correction
    - Template - Fix incorrect use of logo image height
    - Security: CVE-2017-11675 - Low-Risk vulnerability (required your Admin login to be hijacked first). Now prevents exporting to invalid filenames.
    - Optimization - Abort ajax requests from spiders
    - Enhancement - Cache-bypass added for certain db queries, so retrieved data is always fresh
    - Utility - Plugin version-check utility optimized to allow specific version-comparisons, and adapt to timeouts more quickly.
  • NOTE: There were NO Database Changes
Back

Shopping Cart

Your cart is empty.

Customer Reviews

Best designer I've ever used worldwide

I've used website designers from coast to coast and even overseas. Trying to move projects ahead within my budget with these other designers but all...
Read More ->


Thank you for doing such a good job.

Thank you Judy for doing such a good job on my site and being there whenever I got crazy or impatient.
Read More ->


Fantastic Job!

I highly recommend Judy and Zen Cart Ecommerce Website Design. When I told her what I needed she responded quickly and clearly, unlike other Zen Cart...
Read More ->


A Taxing Problem Solved!

Recently, I had a service do a Zen-Cart update to the latest version. In doing so, my store checkout process was corrupted. Sales Tax was not being...
Read More ->


Thanks!

After being burned by previous web programmers I was very skeptical and wondered if I would ever get my new website up. Judy worked with me in...
Read More ->


Who's Online

There currently are 13 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart