OXID eShop version 6.1.6

OXID eShop version 6.1.6 was released containing mostly bug fixes as well as a security improvement and ~30 merged pull requests.



OXID eShop version 6.2.0

OXID eShop v6.2.0 is public. Learn more about what’s new in this version and what’s been changed in this blog post. Best: it contains 80+ contribs from you!



Dependency injection for project developers with OXID eShop – Part 1: Basics

Dependency injection for project developers with OXID eShop to be published with OXID eShop version 6.2.0. This is the first blog article (explaining the basics) of a three-part series.



OXID eShop v6.2.0 RC2 is published

OXID eShop v6.2.0 RC2 is publicly available. Read this blog post for more information about what is included, what has changed and how to get it.



Slides Partner Day 2019

As usual, we invited all of our solution and platform partners as well as proud members of OXID Savvy Programme on November, 12th to our annual OXID Partner Day. Please find a collection of the tech track slides in this blog post.



Security Bulletin 2019-002

CVE-2019-17062: With a specially crafted URL, users with admin rights could unintentionally grant unauthorized users access to the admin panel.



Good and bad software practices past and present

Using a small piece of code from an integration task, I would like to discuss how good and bad practices differ – in the past as well as nowadays.



OXID eShop version 6.0.6

This patch release contains a fix for a security issue. Please read this document carefully and update your installation as soon as possible!



Hotfixes for OXID eShop v4.9, v4.10, v5.2 and v5.3 (Security Issue 2019-002)

Today, we published patch releases OXID eShop 6.0.6 and OXID eShop 6.1.5 fixing security issue 2019-002. Please find hotfixes for former versions here.



OXID eShop version 6.1.5

Besides other bug fixes, this patch release contains a fix for a security issue. Please read this document carefully for more information.



Applying patches to OXID eShop projects with composer

The usage of modern tools like composer helps when deploying PHP application nowadays. Sometimes people miss the good old easy way to do things in a way they are used to. One of those things which got harder by using newer tools is patching the source code in external project dependencies. We faced the challenge here at OXID Professional Services team, too and we found an easy and flexible way to have the benefits of both worlds: using composer with its powerful ecosystem and autoloading functionality, and keep the flexibility to patch packages handled by composer located in the vendor directory of your project.



Security Bulletin 2019-001

CVE-2019-13026: With a specially crafted URL, an attacker would be able to gain full access to the administration panel.