OXID eShop version 6.3.1

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). Security improvement concerning input parsing in Smarty plugins – many thanks to Dr. Dominic Breuker @it.sec!! Security improvement concerning template names. Security improvement for vulnerability in jQuery library



OXID eShop version 6.2.5

Security improvement concerning input parsing in Smarty plugins – many thanks to Dr. Dominic Breuker @it.sec!! Security improvement concerning template names. Security improvement for vulnerability in jQuery library



OXID eShop v7.0.0 RC.1 is published

OXID eShop v7.0.0 release candidate 1 is publicly available. You may find it tagged as https://github.com/OXID-eSales/oxideshop_metapackage_ce/releases/tag/v7.0.0-rc.1 on GitHub. A „stable“ version is much more than just a software package, as for example compatible modules, documentation for this series, content of OXID Academy, tools for updating etc. need to be prepared and shipped as well. All […]



[Security Advisory] Phar object injection in PHPMailer – CVE-2018-19296

PHPMailer version used in OXID eShop seems to be vulnerable. Fortunately, we do not use this vulnerable method in core. Please check your extensions/modules for using the vulnerable method and fix with the proposed workaround!



Customize Admin Templates for Professional and Enterprise Editionen

By default, admin templates in OXID eShop Professional and Enterprise Edition cannot be customized/extended. Here is a workaround to help you creating consistant patches.



OXID eShop version 6.3.0

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). PHP 8 will be supported while support for PHP 7.1 and 7.2 is going to be ditched. Security improvement concerning voucher handling (thanks to dreikern.io) . Pre-installed module: Usercentrics CMP, Third gender support in forms (thanks to 4takte), Klarna Support for new countries added (IT, ES, FR and BE).



OXID eShop version 6.2.4

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). Security improvement concerning voucher handling (thanks to dreikern.io) . Pre-installed module: Usercentrics CMP, Third gender support in forms (thanks to 4takte), Klarna Support for new countries added (IT, ES, FR and BE).



Latest doctrine/dbal release could lead to fatal errors

The latest doctrine/dbal release could lead to fatal errors if you build up your own OXID eShop repository leveraging metapackages. Read in this blog post how to avoid this behavior.



Security Advisory: Preventing Dependency Confusion in PHP with Composer

Recently, packagist.org warned about possible attacks in their blog. We want to escalate this warning to OXID module vendors.



Update Amazon Pay module

Amazon Pay offers a newer version v3.6.8 of their OXID module and kindly requests customers to install this new version as soon as possible. In this blog post we show how you can update this module version with Composer as fast as possible. Of course, the new module version will be included in the next OXID eShop release.



About the discarded idea to distribute OXID GraphQL API with different modules

We ditched the original idea of splitting all storefront OXID GraphQL modules into several fields. Learn why in this blog post.



PhpStorm hacks for developers

PhpStorm is the most popular IDE for professional OXID developers. Here we will collect some useful hacks to make your coding experience even better.