[gb2world]

I think the process that QT uses for management of their files for release might explain why there are many problems with what might other wise be easy security patches. You have to be careful applying these patches if you are in this situation:

Say that you were running 4.1.10, then did an upgrade to 4.1.11 around the time of its release - example early September. You would have downloaded an upgrade pack for 4.1.10-4.1.11 from your help desk.

Unfortunately - QT continues to change what it calls 4.1.11. So, over the last few weeks - there may have been updates to many files. If you download an upgrade pack for 4.1.10-4.1.11 today - it is not the same as what you download in early September.

When you download a security patch for 4.1.11 - it is for the latest version of 4.1.11 - perhaps not the 4.1.11 version that you installed in September.

The current security patch looks like it would be okay for the XCART fresh 4.1.11 I installed earlier this month. But, the diff files have some discrepancies with a 4.1.11 cart I have that is an upgrade from a 4.1.10 cart, so I am wary to apply it without going through all the other differences - which is not an easy or quick task.