Magento Forum

   
Page 3 of 3
Zend’s vulnerability patch
 
Justin Atack
Member
 
Avatar
Total Posts:  42
Joined:  2009-01-03
Sydney, Australia
 

For all the Magento CE 1.4.2.0 users who come across this post this is the SSH code you need to patch your install.

wget http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.4.2.0.patch && patch -p0 -i CE_1.4.2.0.patch

 
Magento Community Magento Community
Magento Community
Magento Community
 
Justin Atack
Member
 
Avatar
Total Posts:  42
Joined:  2009-01-03
Sydney, Australia
 

For the sake of completeness here is the SSH Code for CE 1.4.0.0 to CE 1.4.1.1 users

wget http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.4.0.0-1.4.1.1.patch && patch -p0 -i CE_1.4.0.0-1.4.1.1.patch

 
Magento Community Magento Community
Magento Community
Magento Community
 
Justin Atack
Member
 
Avatar
Total Posts:  42
Joined:  2009-01-03
Sydney, Australia
 

and for CE 1.5.0.0 to CE 1.7.0.1 users the SSH code is

wget http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.5.0.0-1.7.0.1.patch && patch -p0 -i CE_1.5.0.0-1.7.0.1.patch

 
Magento Community Magento Community
Magento Community
Magento Community
 
vibrators
Jr. Member
 
Total Posts:  12
Joined:  2008-08-28
 
Justin Atack - 07 July 2012 09:53 PM

and for CE 1.5.0.0 to CE 1.7.0.1 users the SSH code is

wget http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.5.0.0-1.7.0.1.patch && patch -p0 -i CE_1.5.0.0-1.7.0.1.patch

Thanks Justin Atack, that worked great.

 
Magento Community Magento Community
Magento Community
Magento Community
 
xcluciv
Jr. Member
 
Avatar
Total Posts:  4
Joined:  2012-04-06
 
kek0 - 05 July 2012 11:48 AM

kab8609 - 05 July 2012 11:44 AM
Do you have SSH access? If so just run the command from your base folder:

wget tinyurl.com/MAGE1702 && patch -p0 -i CE_1.5.0.0-1.7.0.1.patch

Props to my colleague https://twitter.com/#!/markshust

wow!! thank you so much for your help and for your collegue Mark Shust :D

This command worked great!!!  Will this command work for future patches?

Thank you!

 
Magento Community Magento Community
Magento Community
Magento Community
 
xcluciv
Jr. Member
 
Avatar
Total Posts:  4
Joined:  2012-04-06
 
kek0 - 05 July 2012 11:48 AM

kab8609 - 05 July 2012 11:44 AM
Do you have SSH access? If so just run the command from your base folder:

wget tinyurl.com/MAGE1702 && patch -p0 -i CE_1.5.0.0-1.7.0.1.patch

Props to my colleague https://twitter.com/#!/markshust

wow!! thank you so much for your help and for your collegue Mark Shust :D

This command works great, will it work for future patches?

Thank you for sharing!!!

 
Magento Community Magento Community
Magento Community
Magento Community
 
mtbmonkey
Jr. Member
 
Total Posts:  28
Joined:  2011-05-20
 

Sorry if I\\\’ve missed this, but how do you know if its patched, I got this when I ran patch file

patching file lib/Zend/XmlRpc/Response.php
patching file lib/Zend/XmlRpc/Request.php

Is that it?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Beermonster
Member
 
Total Posts:  66
Joined:  2010-09-03
 

Am I missing something? I’ve tried using patch in SSH and it says not found, how do I get it to work?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Beermonster
Member
 
Total Posts:  66
Joined:  2010-09-03
 

It’s ok I found it smile

 
Magento Community Magento Community
Magento Community
Magento Community
 
Sybaritic
Jr. Member
 
Total Posts:  3
Joined:  2011-06-15
 
Justin Atack - 07 July 2012 09:37 PM

For all the Magento CE 1.4.2.0 users who come across this post this is the SSH code you need to patch your install.

wget http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.4.2.0.patch && patch -p0 -i CE_1.4.2.0.patch

Hey Justin, I got this when I ran the command you posted for 1.4.2.0.:

[~]# wget http://www.magentocommerce.com/downloads/assets    /1.7.0.2/CE_1.4.2.0.patch && patch -p0 -i CE_1.4.2.0.patch
--2012-07-30 13:31:44--  http://www.magentocommerce.com/downloads/assets/1.7.0.2    /CE_1.4.2.0.patch
Resolving www.magentocommerce.com... 209.15.239.51
Connecting to www
.magentocommerce.com|209.15.239.51|:80... connected.
HTTP request sentawaiting response... 200 OK
Length
2069 (2.0K[text/plain]
Saving to
: `CE_1.4.2.0.patch'

100%[======================================>] 2,069       --.-K/s   in 0s

2012-07-30 13:31:44 (170 MB/s) - 
`CE_1.4.2.0.patch' saved [2069/2069]

can'
t find file to patch at input line 5
Perhaps you used the wrong 
-or --strip option?
The text leading up to this was:
--------------------------
|
Indexlib/Zend/XmlRpc/Response.php
|===================================================================
|--- 
lib/Zend/XmlRpc/Response.php       (revision 157103)
|+++ 
lib/Zend/XmlRpc/Response.php       (working copy)
--------------------------
File to patch: ^C

How can I get this right?  I am starting to get desperate shock

 
Magento Community Magento Community
Magento Community
Magento Community
 
Justin Atack
Member
 
Avatar
Total Posts:  42
Joined:  2009-01-03
Sydney, Australia
 

How can I get this right?  I am starting to get desperate shock

Theres a couple of things you could check. Firstly does the file that you are patching exist? Perhaps it was deleted? Or did you attempt to modify the file before hand? The error suggests that file has changes “can’t find file to patch at input line 5” because it can’t locate the correct line for patching.

You could download CE1.4.2.0 and grab that file again and upload it then run your patch again.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Justin Atack
Member
 
Avatar
Total Posts:  42
Joined:  2009-01-03
Sydney, Australia
 
Beermonster - 27 July 2012 06:36 AM

It’s ok I found it smile

It would be good if you share what you did to fix it. It really helps other users of Magento. These forums are only as good as the people who help others.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
    Back to top
Page 3 of 3