Blog posts about OXID

Security Bulletin 2018-001

CVE Identifier: CVE-2018-5763: An attacker is able to bring servers to standstill by calling specially crafted URLs if OXID High Performance Option is activated and Varnish is used (denial of service/DoS).



OXID eShop version 4.10.7 (CE + PE) & 5.3.7 (EE)

No GUI changes, no other bugs fixed but security issue 2018-001, non-widget classes must extend oxWidget, updated Amazon, Paypal and VCMS modules.



OXID eShop version 6.0.1

OXID eShop version 6.0.1 is released and contains a fix for a security issue if you run High Performance Option plus Vagrant. Additionally bug fixes and GUI changes.



This was OXID Hackathon 2017

Last weekend, on Friday and Saturday December 8th and 9th 2017, the annual OXID Hackathon in Nuremberg took place. Read about what we were coding and what discussions came up.



Run module tests in OXID eShop 6

As follow up for the blog post “Run tests for OXID eShop 6” here’s how to get module tests running for OXID eShop 6.



Run tests for OXID eShop 6

Nice thing about OXID eShop, they provide a development environment. Without big effort you can get have the shop up and running on a virtual machine. The current blog post will give some hints for how to run the shop tests that come with the shop. We will cover how to run module tests in a follow up post.



Slides partner day 2017

We collected all slides from the dev track on OXID Partner day 2017 and provide them for download for you guys.



A download package for OXID eShop 6

While changing the global behaviour with OXID eShop 6 installation away from FTP to composer some of you guys might be confused: “What, there’s no download package/zip available anymore? WHE ALL MUST DIE!!!”. Here’s a download package for you!



OXID eShop v6.0.0 stable is published

OXID eShop v6.0.0 is publicly available. You may find it tagged as https://github.com/OXID-eSales/oxideshop_ce/tree/v6.0.0 on GitHub.



OXID eShop version 4.9.11 (CE + PE) & 5.2.11 (EE)

Contains a fix for OXID security issue 2017-002, just this one bug fix, no GUI changes. Please see details in security bulletin 2017-002.



FAQ Security Bulletin 2017-002

FAQ for Security bulletin 2017-002: By crawling specially crafted URLs (e.g. by “forced browsing”), an attacker is able to overflow the database.



OXID eShop version 4.10.6 (CE + PE) & 5.3.6 (EE)

Contains a fix for OXID security issue 2017-002 and some other bug fixes, no GUI changes. Please see details in security bulletin 2017-002.