Re: Security bulletin 4 Aug 2009
I have spot checked a couple of versions and all are the same one file patch and all require advanced stats to be turned on to include the patched tpl so there is no vulnerability if advanced stats is turned off. OTOH, PCI-DSS requires applying vendor security patches within 30 days of release. This patch is so simple its not going to conflict with most any stores mods so just apply it and be done with it.
__________________
Manuka Bay Company
X-Cart Version 4.0.19 [Linux]
UGG Boots and other fine sheepskin products
http://www.snowriver.com
|