CVE Identifier: CVE-2018-14020: An attacker is able to change the delivery address by bypassing the checkout process when using Paymorrow payment method.
OXID eShop 6.1.0 compilation contains two new modules (GDPR Opt-in + Klarna), monolog implementation, form field configuration, possibility to overwrite Smarty plugins with your own modules and is ready for the Personalization Option (EE). oxchkversion was removed from the admin panel.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Marco Steinhäuserhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngMarco Steinhäuser2018-07-31 14:32:082018-08-02 15:53:16OXID eShop version 6.1.0
This patch update contains bug fixes (incl. security issues 2018-002 as well as 2018-003), GUI changes have been done. Furthermore, the modules Klarna and GDPR Opt-in were added to the compilation. See details in this listing.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Marco Steinhäuserhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngMarco Steinhäuser2018-07-31 14:31:402018-08-02 15:56:18OXID eShop version 6.0.3
OXID eShop 6 introduced several improvements to the OXID eShop environment. These changes also have reached the module system, which leads to some new features for developers.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Steven Pfündlinhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngSteven Pfündlin2018-06-01 12:43:162018-06-01 12:49:39Module development in OXID eShop 6 – benefit from the new features
We’ve experienced requests concerning the “Right to data portability” (Art. 20 GDPR) on several channels. The legal text states someat like ” … receive the personal data … in a structured, commonly used and machine-readable format…”. As this is not a clear specification, provide an SQL script for reading out all relevant information from the database. Get the script from this blog post.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Clemens Scholzhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngClemens Scholz2018-05-29 11:21:352018-05-29 11:21:35How we temporarily handle the right to data portability (Art. 20 GDPR)
The behaviour of the PHP function __isset was changed with PHP version 7.0.6. OXID eShop makes use of this function __isset for lazy loading, and because of these changes lazy loading might behave unexpectedly in OXID eShop. Please read this blog post to avoid this unexpected behaviour in your projects and/or modules.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Igor Iegupovhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngIgor Iegupov2018-05-18 13:58:332018-05-18 13:58:33Function __isset and model lazy loading with different behaviour in PHP version 7.0.6 or newer
In order to improve the OXID eShop core code we are going to change some main principles of overwriting classes and methods when changing OXID eShop functionality with modules: methods may now be marked as private. This is not to cut away possibilities; there’ll be other means to catch up with what you want to achieve.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Koltanhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngKoltan2018-04-09 12:21:532018-04-09 12:21:53Announcing new principles in the OXID core and how you will benefit from them
This patch update was extraordinarily pushed up to give you a proper time frame to establish the GDPR compliance with OXID eShop. Additionally, we started to introduce new principles of code writing in order to become more flexible, agile and innovative when changing the core. Anyway, this patch update contains bug fixes as well as loads of pull requests.
https://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.png00Clemens Scholzhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngClemens Scholz2018-04-09 12:21:092018-04-25 01:00:46OXID eShop version 6.0.2
We recently released OXID eShop 6.0.2 including some changes in preparation of the upcoming European Data Protection Regulation (GDPR) that will be applicable as of May 25th, 2018 in all member states to harmonize data privacy laws across Europe.
https://oxidforge.org/wp-content/uploads/2018/04/2390666040_5a9d52b896_o-1.jpg597797Benjamin Jörgerhttps://oxidforge.org/wp-content/uploads/2018/01/OXID_forge_sub.pngBenjamin Jörger2018-04-09 12:20:212018-04-25 01:00:55GDPR compliance with OXID eShop version 6.0.2
Security Bulletin 2018-003
0 Comments/in blog English OXID Security Team / OXID Security TeamNews, Security
CVE Identifier: CVE-2018-14020: An attacker is able to change the delivery address by bypassing the checkout process when using Paymorrow payment method.
Security Bulletin 2018-002
0 Comments/in blog English OXID Security Team / OXID Security TeamNews, Security
CVE Identifier: CVE-2018-12579: An attacker is able to take over an access to user account.
Summer releases 2018: OXID eShop 6.1.0, 6.0.3 and 4.10.8/5.3.8
0 Comments/in blog English benjamin.joerger / Benjamin JörgerNews, Releases
Two days ago we published three releases, OXID eShop 6.0.1, 6.0.3 and 4.10.8/5.3.8. Please read this blog post for a summary of the changes.
OXID eShop version 6.1.0
0 Comments/in blog English marco.steinhaeuser / Marco SteinhäuserNews, oxid6, Releases
OXID eShop 6.1.0 compilation contains two new modules (GDPR Opt-in + Klarna), monolog implementation, form field configuration, possibility to overwrite Smarty plugins with your own modules and is ready for the Personalization Option (EE). oxchkversion was removed from the admin panel.
OXID eShop version 6.0.3
0 Comments/in blog English marco.steinhaeuser / Marco SteinhäuserNews, oxid6, Releases
This patch update contains bug fixes (incl. security issues 2018-002 as well as 2018-003), GUI changes have been done. Furthermore, the modules Klarna and GDPR Opt-in were added to the compilation. See details in this listing.
OXID eShop version 4.10.8 (CE + PE) & 5.3.8 (EE)
0 Comments/in blog English marco.steinhaeuser / Marco SteinhäuserNews, Releases
No GUI changes, no other bugs fixed but security issues 2018-002 and 2018-003, EoL release of OXID eShop series 4.10.
Module development in OXID eShop 6 – benefit from the new features
0 Comments/in blog English steven.pfuendlin / Steven PfündlinAPIs, module development, Modules backend, Modules frontend
OXID eShop 6 introduced several improvements to the OXID eShop environment. These changes also have reached the module system, which leads to some new features for developers.
How we temporarily handle the right to data portability (Art. 20 GDPR)
0 Comments/in blog English clemens.scholz / Clemens ScholzGDPR, right to data portability
We’ve experienced requests concerning the “Right to data portability” (Art. 20 GDPR) on several channels. The legal text states someat like ” … receive the personal data … in a structured, commonly used and machine-readable format…”. As this is not a clear specification, provide an SQL script for reading out all relevant information from the database. Get the script from this blog post.
Function __isset and model lazy loading with different behaviour in PHP version 7.0.6 or newer
0 Comments/in blog English Igor Iegupov / Igor Iegupov__isset, APIs, oxid6, PHP, PHP 7
The behaviour of the PHP function __isset was changed with PHP version 7.0.6. OXID eShop makes use of this function __isset for lazy loading, and because of these changes lazy loading might behave unexpectedly in OXID eShop. Please read this blog post to avoid this unexpected behaviour in your projects and/or modules.
Announcing new principles in the OXID core and how you will benefit from them
4 Comments/in blog English Koltan / KoltanAPIs, module development, Modules backend, Modules frontend
In order to improve the OXID eShop core code we are going to change some main principles of overwriting classes and methods when changing OXID eShop functionality with modules: methods may now be marked as private. This is not to cut away possibilities; there’ll be other means to catch up with what you want to achieve.
OXID eShop version 6.0.2
1 Comment/in blog English clemens.scholz / Clemens ScholzNews, oxid6, Releases
This patch update was extraordinarily pushed up to give you a proper time frame to establish the GDPR compliance with OXID eShop. Additionally, we started to introduce new principles of code writing in order to become more flexible, agile and innovative when changing the core. Anyway, this patch update contains bug fixes as well as loads of pull requests.
GDPR compliance with OXID eShop version 6.0.2
2 Comments/in blog English pll_5ac5296b8a5f5 benjamin.joerger / Benjamin JörgerEuropean Data Protection Regulation, GDPR, News
We recently released OXID eShop 6.0.2 including some changes in preparation of the upcoming European Data Protection Regulation (GDPR) that will be applicable as of May 25th, 2018 in all member states to harmonize data privacy laws across Europe.