Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Important Security Update - Zend Platform Vulnerability
 
patrickboxell
Jr. Member
 
Total Posts:  3
Joined:  2011-07-27
 

Hi,

I have a functioning shop online but this new update makes no sense to me, if anyone can give me a step by step \\\’how to patch this security update\\\’ i would be very grateful. Im using Magento ver 1.6.0.0

I guess this is an important thing to do no?

Regards

Patrick

 
Magento Community Magento Community
Magento Community
Magento Community
 
MagenX
Enthusiast
 
Total Posts:  791
Joined:  2008-05-26
Dublin
 

did you get email from magento?
with step by step instructions.

here is your patch
http://www.magentocommerce.com/downloads/assets/1.7.0.2/CE_1.5.0.0-1.7.0.1.patch

Instructions on Applying the Patch

Go to the root of your Magento root directory
Download the patch from the provided link appropriate for your version
Apply the patch: patch -p0 < CE_1.5.0.0-1.7.0.1.patch

 
Magento Community Magento Community
Magento Community
Magento Community
 
patrickboxell
Jr. Member
 
Total Posts:  3
Joined:  2011-07-27
 

Thanks for the reply and the link to find the patch. The final part still doesn’t make sense!! When I download the patch I upload it into my server at the root level, and then is there more to do? What’s that code you wrote at the end? Thanks for your help

Regards

Patrick

 
Magento Community Magento Community
Magento Community
Magento Community
 
MagenX
Enthusiast
 
Total Posts:  791
Joined:  2008-05-26
Dublin
 

The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Patch should be installed because it is a common way of upgrading applications.

login to ssh
yum install patch
sudo patch -p0 < CE_1.5.0.0-1.7.0.1.patch

or patch file on your PC and upload back

 
Magento Community Magento Community
Magento Community
Magento Community
 
Stevis2011
Jr. Member
 
Total Posts:  1
Joined:  2012-08-17
 

When i use that link, it just opens a text document. Nothing downloads.
Please can you tell me what i should do with it?

Thanks.

 
Magento Community Magento Community
Magento Community
Magento Community
 
RSPB
Jr. Member
 
Total Posts:  1
Joined:  2011-05-08
 

Ok, daft question, but does this need to be applied to every Magento site?
It\’s really not clear whether this security patch is even needed on my site. I\’d hate to pay my supplier to install it if it\’s not necessary.

 
Magento Community Magento Community
Magento Community
Magento Community
 
patrickboxell
Jr. Member
 
Total Posts:  3
Joined:  2011-07-27
 

Hi,

I think it said it is for every magento site! So worth doing i guess. For me it doesn’t make much sense but i manually changed the 2 files that needed doing and manually uploaded to the site but i dont know if it worked properly. When i logged into the admin page i still saw the message about the zend security issue, but now i have a message about ‘pay pal’

Is there a way to check if the issue is resolved?

Many Thanks

Patrick

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top