News


OXID eShop version 6.3.1

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). Security improvement concerning input parsing in Smarty plugins – many thanks to Dr. Dominic Breuker @it.sec!! Security improvement concerning template names. Security improvement for vulnerability in jQuery library



OXID eShop version 6.2.5

Security improvement concerning input parsing in Smarty plugins – many thanks to Dr. Dominic Breuker @it.sec!! Security improvement concerning template names. Security improvement for vulnerability in jQuery library



OXID eShop v7.0.0 RC.1 is published

OXID eShop v7.0.0 release candidate 1 is publicly available. You may find it tagged as https://github.com/OXID-eSales/oxideshop_metapackage_ce/releases/tag/v7.0.0-rc.1 on GitHub. A „stable“ version is much more than just a software package, as for example compatible modules, documentation for this series, content of OXID Academy, tools for updating etc. need to be prepared and shipped as well. All […]



[Security Advisory] Phar object injection in PHPMailer – CVE-2018-19296

PHPMailer version used in OXID eShop seems to be vulnerable. Fortunately, we do not use this vulnerable method in core. Please check your extensions/modules for using the vulnerable method and fix with the proposed workaround!



OXID eShop version 6.3.0

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). PHP 8 will be supported while support for PHP 7.1 and 7.2 is going to be ditched. Security improvement concerning voucher handling (thanks to dreikern.io) . Pre-installed module: Usercentrics CMP, Third gender support in forms (thanks to 4takte), Klarna Support for new countries added (IT, ES, FR and BE).



OXID eShop version 6.2.4

Additionally to bug fixes this patch release contains merged pull requests (thanks to you guys!). Security improvement concerning voucher handling (thanks to dreikern.io) . Pre-installed module: Usercentrics CMP, Third gender support in forms (thanks to 4takte), Klarna Support for new countries added (IT, ES, FR and BE).



Security Advisory: Preventing Dependency Confusion in PHP with Composer

Recently, packagist.org warned about possible attacks in their blog. We want to escalate this warning to OXID module vendors.



OXID eShop version 6.2.3

OXID eShop version 6.2.3 is released containing bug fixes, a security improvement, merged pull requests, composer v2 support, oe:module:uninstall-configuration and support for Symfony named services.



OXID eShop version 6.2.2

Additionally to bug fixes and two security improvements, we added module migrations and updated several 3rd party components. This patch release contains 20+ merge requests – thanks to you guys!



OXID eShop version 6.2.1

This patch release contains some bug fixes and a pull request. Additionally, the functionalities “E-mail suggest” as well as “Beta note” were deprecated.



The story of the GraphQL API for OXID eShop

When Florian started at OXID in September last year, he was entrusted to get the ball rolling for GraphQL API in OXID eShop. Read the full story here.



OXID eShop version 6.1.6

OXID eShop version 6.1.6 was released containing mostly bug fixes as well as a security improvement and ~30 merged pull requests.