IMPORTANT Security Fix for ALL versions of Zen Cart

Article Date(s): 01/01/2018

Since the release of v1.5.5e in March of 2017, the following changes have been applied to become v1.5.5f according to the official Zen Cart website:

  • Changes in v1.5.5f:
    - Checkout - As a help to people getting PayPal TLS notifications, the CURL Testing tool now reports compatibility with tlstest.paypal.com
    - Checkout - Square Payments support is now built-in. Start taking credit card payments in just 5 minutes! See www.zen-cart.com/partners/square_setup
    - Checkout - FirstData soft-descriptors now optional via module settings
    - Checkout - PayPal - Australia settings explained better in configuration screen
    - Checkout - PayPal IPN-handler posts back over ipnpb URL and now gracefully ignores unrecognized new notification types
    - Checkout - Payeezy module now also accommodates 2-series MC BINs
    - Checkout - Authorize.net AIM - add option to display reason for CVV or date failure
    - Checkout - Authorize.net AIM - improvements to detect always-SSL site configuration
    - Checkout - Credit Card Slamming threshold now customizable via Observer code or plugin
    - Checkout - Internal fix to payment modules to avoid thousands-rounding errors
    - Fix upload-class bug related to filtering desired file-extensions
    - Fix multi-language error (since v155a) in functions_email for PHPMailer
    - Fix possible bug in subdomain handling of secure cookie session handling
    - Fix attribute sort-order rules
    - Fixed - if an invalid or non-existent tax rate was encountered, would get: PHP Warning: A non-numeric value encountered in /includes/functions/functions_taxes.php on line 172
    - Admin: Restored percent calculators on Products Price Manager
    - Admin: Fix a few sanitizer fields to avoid over-cleaning
    - Admin: Update currency-exchange calculators since BOC change
    - Template - Support ISO-8601 style date-of-birth date
    - Template - Compatibility updates to accommodate OnePageCheckout plugin integration
    - Template - Improvements for jQuery conflict prevention, and support older browsers
    - Template - Fix CSS typo in colors
    - Template - hreflang URL correction
    - Template - Fix incorrect use of logo image height
    - Security: CVE-2017-11675 - Low-Risk vulnerability (required your Admin login to be hijacked first). Now prevents exporting to invalid filenames.
    - Optimization - Abort ajax requests from spiders
    - Enhancement - Cache-bypass added for certain db queries, so retrieved data is always fresh
    - Utility - Plugin version-check utility optimized to allow specific version-comparisons, and adapt to timeouts more quickly.
  • NOTE: There were NO Database Changes
Back

Shopping Cart

Your cart is empty.

Customer Reviews

Just a Great Lady

After my share of abuses like having websites paid for only to be dumped on me incomplete, Judy has stood by my side and helped me through the...
Read More ->


great job again

Judy, once again you made my website better by adding the twitter and facebook links. thanks again Bill
Read More ->


Judy and Zen Cart are awesome!!

Judy is so knowledgable and helpful! She was so patient throughout the whole process, and has so much technical know-how. She built my website:...
Read More ->


Thank You Judy

Thank you so much! You did an excellent job! We are very satisfied with the work you did.
Read More ->


Judy Rocks!!

Judy is absolutely the BEST! She did in less than three days what another person had been working on for three months and still didn't have it up and...
Read More ->


Who's Online

There currently are 12 guests online.
Copyright © 2004 - 2021 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart