OXID eShop version 4.8.11 (CE + PE) & 5.1.11 (EE)

  in / 
  ,

General hints for this package

  • Tested on PHP 5.3 and 5.4

Installation

For update instructions please see
http://www.oxid-esales.com/en/support-services/documentation-and-help/oxid-eshop/installation/oxid-eshop-update-installation.html

Templates

No template changes in this patch.

Improvements

  • Avoid path traversal for downloadable files from the admin panel. This way a user with access to the admin panel might gather access to files of the OXID eShop system. Fix: OXID eShop now checks the path of the file, only file names in specific paths like downloads/ can now be altered. Many thanks Tim Herres of LSExperts (https://lsexperts.de/) for pointing us to that place.
  • Clean up basket after user logs out. (fix for bug #5771)

Fixed Bugs

Bugtrack change log: https://bugs.oxid-esales.com/changelog_page.php?version_id=314

New Features

No new features in this patch.

Important information for developers

See a comparison to the former version on GitHub



You might also like
DSGVO, the EU and OXID OXID eShop version 4.6.5
DSGVO, the EU and OXID A download package for OXID eShop 6
DSGVO, the EU and OXID Security bulletin: 2011-002
DSGVO, the EU and OXID OXID eShop version 4.6.6
featured Geoblocking-VO Geo-blocking Regulation: how to configure OXID eShop to be compliant?
DSGVO, the EU and OXID GDPR compliance with OXID eShop version 6.0.2