In the context of the new geo-blocking Regulation, it will become necessary to ensure that potential customers from across the EU internal market have access to and buy from your online shop. However, no online merchant is obliged to deliver, but has to create possibilities that the shipments can be picked up e.g. in the countries of delivery specified by you, if the purchaser gives a delivery address in this country and organizes the onward transport himself. In this tutorial we will show you how to configure the shop so that you comply with the new regulation on 3rd of December.
OXID eShop version 6.1.1 is published and contains mostly bug fixes, no storefront changes.
From now on you can additionally use Telegram to receive breaking news such as release notes and security bulletins when working with OXID. Read more about the Telegram integration in this blog post.
CVE Identifier: CVE-2018-14020: An attacker is able to change the delivery address by bypassing the checkout process when using Paymorrow payment method.
CVE Identifier: CVE-2018-12579: An attacker is able to take over an access to user account.
Two days ago we published three releases, OXID eShop 6.0.1, 6.0.3 and 4.10.8/5.3.8. Please read this blog post for a summary of the changes.
OXID eShop 6.1.0 compilation contains two new modules (GDPR Opt-in + Klarna), monolog implementation, form field configuration, possibility to overwrite Smarty plugins with your own modules and is ready for the Personalization Option (EE). oxchkversion was removed from the admin panel.
This patch update contains bug fixes (incl. security issues 2018-002 as well as 2018-003), GUI changes have been done. Furthermore, the modules Klarna and GDPR Opt-in were added to the compilation. See details in this listing.
No GUI changes, no other bugs fixed but security issues 2018-002 and 2018-003, EoL release of OXID eShop series 4.10.
This patch update was extraordinarily pushed up to give you a proper time frame to establish the GDPR compliance with OXID eShop. Additionally, we started to introduce new principles of code writing in order to become more flexible, agile and innovative when changing the core. Anyway, this patch update contains bug fixes as well as loads of pull requests.
We recently released OXID eShop 6.0.2 including some changes in preparation of the upcoming European Data Protection Regulation (GDPR) that will be applicable as of May 25th, 2018 in all member states to harmonize data privacy laws across Europe.
CVE Identifier: CVE-2018-5763: An attacker is able to bring servers to standstill by calling specially crafted URLs if OXID High Performance Option is activated and Varnish is used (denial of service/DoS).