Hello everyone,
We are glad to announce that
new X-Cart v4.1.10 is now available for downloading in "File area" section of your HelpDesk account at
https://secure.qualiteam.biz .
Upgrade kits for upgrading X-Cart v4.1.X to the v4.1.10 will be available in several days (we will send a newsletter and publish an announcement here once this happens).
v4.1.10 is a minor bug-fix release, but there are a few major changes from v4.1.9 as well:
* InnovaStudio WYSIWYG Editor updated to 2.9.8
* Smarty updated to 2.6.19 version.
* Skins W3C validation in customer front-end.
* Order sorting improvement in MySQL version 5.0.50-5.0.51
For detailed changes description see the CHANGELOG file, which is included into X-Cart v4.1.10 installation package, or can be downloaded from the "File Area" section of your Support HelpDesk account at
https://secure.qualiteam.biz .
For installation instructions see the README file, which is included into X-Cart v4.1.10 installation package.
Also, we would like to inform you that Secunia.com reported a "Less Critical" security vulnerability in Smarty template engine versions prior to 2.6.19 (see
http://secunia.com/advisories/29241/ for details).
The standard code of X-Cart versions 4.1.9 and earlier uses the said versions of Smarty, but it does not use the part of Smarty functionality affected by the issue (
security mode). That is why the vulnerability in Smarty does not create a vulnerability in X-Cart, and you do not need to apply any security patches.
However, in case you use an X-Cart modification that employs Smarty's security mode we recommend you to replace the files
plugins/modifier.regex_replace.php and
Smarty_Compiler.class.php from the directory "Smarty-..." inside your X-Cart with the corresponding files from Smarty 2.6.19.
Smarty 2.6.19 can be obtained at
http://www.smarty.net/download.php