OXID eShop v6.0.0 release candidate 2 is publicly available from now on. Please get the most import information from this blog post.
CVE-2017-12415: Under certain pre-conditions an attacker would be able to hijack the cart session of a client via a Cross-Site Request Forgery (CSRF).
OXID eShop version 4.9.10 (PE + CE) and 5.2.10 (EE) contains no GUI changes, some bugs fixes, fix for security issue 2017-001.
Contains some bug fixes. No frontend changes. Please note that this patch release contains a fix for the security issue with a CVSS = 2.2. We will hand out more information about it with the security bulletin 2017-001 next week.
This is a note to let you know about a new feature on OXIDforge, OXID Jobs. OXID jobs is a marketplace for people looking for developers but also for developers looking for (freelance) jobs.
OXID eShop v6.0.0 release candidate 1 (AKA “Partner Release”) is publicly available from now on.
This post describes the minimum changes necessary to make an existing module immediately compatible with OXID eShop 6.0. In a later blog post we will tell you how to fully port a module or write a new one from scratch so that it fits OXID eShop 6.0 and above.
OXID eShop version 4.10.4 (EE: 5.3.4) was published today, containing some bug fixes as well as updated modules for PayPal and VCMS (PE/EE).
OXID eShop v6.0.0-beta.3 is publicly available. Please read about the alterations in this blog post.
OXID eShop version 4.10.3 (CE and PE) as well as version 5.3.3 (EE) were published recently, including bug fix #6568 (PAYONE) and updated PHPMailer class as well as Visual CMS module versions.
As we are on GitHub since years now we are about to shut down the old partner SVN on 31st of January. Please let us know if you have any objections.
In PHPMailer which is used in OXID eShop, the security issue CVE-2016-10033 was found. OXID eShop is safe. Please read how to update anyway if you wish.