News


OXID eShop v6.0.0 RC2 is published

OXID eShop v6.0.0 release candidate 2 is publicly available from now on. Please get the most import information from this blog post.

Security Bulletin 2017-001

CVE-2017-12415: Under certain pre-conditions an attacker would be able to hijack the cart session of a client via a Cross-Site Request Forgery (CSRF).

OXID eShop version 4.9.10 (CE + PE) & 5.2.10 (EE)

Contains no GUI changes, just some bugs fixes. Please note that this patch release contains a fix for the security issue with a CVSS = 2.2. We will hand out more information about it with the security bulletin 2017-001 next week.

OXID eShop version 4.10.5 (CE + PE) & 5.3.5 (EE)

Contains some bug fixes. No frontend changes. Please note that this patch release contains a fix for the security issue with a CVSS = 2.2. We will hand out more information about it with the security bulletin 2017-001 next week.

O OXID Developer, Where Art Thou?

This is a note to let you know about a new feature on OXIDforge, OXID Jobs. OXID jobs is a marketplace for people looking for developers but also for developers looking for (freelance) jobs.

OXID eShop v6.0.0 RC1 (partner release) is published

OXID eShop v6.0.0 release candidate 1 (AKA “Partner Release”) is publicly available from now on.

How to (quickly) port a module to OXID eShop 6.0

This post describes the minimum changes necessary to make an existing module immediately compatible with OXID eShop 6.0. In a later blog post we will tell you how to fully port a module or write a new one from scratch so that it fits OXID eShop 6.0 and above.

OXID eShop version 4.10.4 (CE + PE) & 5.3.4 (EE)

OXID eShop version 4.10.4 (EE: 5.3.4) was published today, containing some bug fixes as well as updated modules for PayPal and VCMS (PE/EE).

OXID eShop v6.0.0 Beta3 is published

OXID eShop v6.0.0-beta.3 is publicly available. Please read about the alterations in this blog post.

OXID eShop version 4.10.3 (CE + PE) & 5.3.3 (EE)

OXID eShop version 4.10.3 (CE and PE) as well as version 5.3.3 (EE) were published recently, including bug fix #6568 (PAYONE) and updated PHPMailer class as well as Visual CMS module versions.

Bye-bye Subversion!

As we are on GitHub since years now we are about to shut down the old partner SVN on 31st of January. Please let us know if you have any objections.

PHPMailer < 5.2.21 Remote Code Execution: OXID eShop is safe!

In PHPMailer which is used in OXID eShop, the security issue CVE-2016-10033 was found. OXID eShop is safe. Please read how to update anyway if you wish.