Magento 2.1.1-2 Updates

Magento 2.1.1

This update after the big 2.1 update contains functional fixes and no security related fixes.

Fixes issues:

  • The installation with magento setup:upgrade –keep-generated works now and you can also upgrade now with sample data to 2.1.1.
  • The Category page now displays current, rather than outdated, product prices.
  • ier pricing now works correctly with full page cache.
  • Cart Price rules are now applied as expected to payment method conditions.
  • Magento now implements the minicart maximum display recently added item setting to your shopping cart.
  • The speed of static asset deployment and storefront performance was improved.
  • Magento now displays configurable products as expected after creation.
  • You can now save a product with images multiple times.
  • Magento now correctly displays customer address during account creation.
  • You can now use Braintree as a payment method when applying reward points or store credit to an order.
  • and a few more.

Magento 2.1.2

The security update 2.1.2 of Magento contains security and functional fixes and also support for the latest PHP and MySQL versions.

Security Fixes:

  • Fixed issue which allowed to  insert malicious JavaScript,
  • You can no longer change or fake a product price from the Magento storefront and then complete an order with that faked price.
  • Fixed issue with PHP code execution during checkout.
  • Fixed issue with retrieving potentially sensitive information through the use of backend media.
  • Sessions now expire as expected after logout.
  • Kount and 3D Secure now work as expected for Braintree Vault.
  • You can no longer delete a currently logged-in user.
  • The Guest order view protection code is no longer vulnerable to brute force attacks.
  • You can no longer manipulate the full page cache to store incorrect pages under regular page URL entries.
  • Fixed issue with potential storage of malicious XSS code in the body of an email template.
  • Fixed issue with potential SQL injection through the Zend framework through ordering or grouping parameters.

Functional fixes:

  • The Sales API was improved and has now the ability to change the status of shipment an of an invoice.
  • Magento now updates the mini cart as expected when you reorder an item.
  • Changing the city field of an order now affects the shipping rate as expected.
  • Magento now correctly renders HTML tags on the Sales Order page price field.
  • Visual swatches are now displayed in search results.

 

For more information about the security fixes visit the Magento Security Center. The release notes you can find here.

 

Remember to create a full backup of all your files and your database before updating.

1 Kommentar zu «Magento 2.1.1-2 Updates»

  1. Pingback: The Openstream Nr. 5, November 2016 – Openstream

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert