| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
#1
|
|||||||
|
|||||||
security-patch-2007-10-29.tgz
Most of you should have received an e-mail from Qualiteam this morning about a security patch for ALL versions of X-Cart other than 4.1.9. If you didn't, you can find the patch in the 'files' area of your help desk. If you download the patch (which you absolutely should), you will notice it does not include any .diff files, just the patched files themselves. This is not good, as replacing the files will overwrite any changes to them that you made. Be sure to make a backup of all these files before you upload the new versions, and if there are any issues with your store (particularly ones with third party mods), you can easily restore the old versions. Why they didn't issue this patch with .diff files is beyond me, as this creates a major headache for those of us who maintain multiple stores.
__________________
Padraic Ryan Ryan Design Studio Professional E-Commerce Development |
|||||||
#2
|
|||||||
|
|||||||
Re: Security Patch - 11-1-07
Are the old 3.4.x versions affected as well or x-cart team doesn't check those version any more?
__________________
x-cart gold 3.4.14/3.5.14/4.018 |
|||||||
#3
|
|||||||
|
|||||||
Re: Security Patch - 11-1-07
The patch seems to only cover 3.5 on
__________________
Padraic Ryan Ryan Design Studio Professional E-Commerce Development |
|||||||
#4
|
|||||||
|
|||||||
Re: Security Patch - 11-1-07
I received no such e-mail today nor do I see any file with the timestamp to correlate with it in the the files section. You have an exact file name balinor?
|
|||||||
#5
|
|||||||
|
|||||||
Re: Security Patch - 11-1-07
Sure, it's in the file area/updates:
security-patch-2007-10-29.tgz Edited the thread title to reflect this as well.
__________________
Padraic Ryan Ryan Design Studio Professional E-Commerce Development |
|||||||
#6
|
|||||||
|
|||||||
Re: security-patch-2007-10-29.tgz
haha oops I looked right past it, thanks balinor I'll review it and backport the fixes.
Edit: Looks like I only have to backport one fix, I already took care of the other ones they fixed several weeks ago o.O |
|||||||
#7
|
|||||||
|
|||||||
Re: security-patch-2007-10-29.tgz
I didn't get any emails from xcart about this.
__________________
xcart 4.5.4 gold+ w/x-payments 1.0.6; xcart gold 4.4.4 |
|||||||
#8
|
|||||||
|
|||||||
Re: security-patch-2007-10-29.tgz
There's something wrong with that security update at least for 4.1.8, after applying the func.db.php and func.order.php fixes it totally destroys the cart's ability to store any data (in terms of the shopping cart mechanism itself, not the cart as a whole)
|
|||||||
#9
|
|||||||
|
|||||||
Re: security-patch-2007-10-29.tgz
I gave up as well. I had a zillion issues. I reverted.
I will be opening a new thread later re: how to upgrade from 4.1.8 to 4.1.9 -- I have some ideas....
__________________
xcart 4.5.4 gold+ w/x-payments 1.0.6; xcart gold 4.4.4 |
|||||||
#10
|
|||||||
|
|||||||
Re: security-patch-2007-10-29.tgz
Hello all,
In updating for this security patch, is there any easy way to find what the actual changes are? Our include/func.php file is rather heavily modified (by x-cart, myself and one other mod) and I'm having a difficult time differentiated between the update code and that added for modifications by others. I compared the files and this doesn't do me any good. Is there any way to figure out just the lines changed for this update? thanks for any assistance, Carol Davenport
__________________
4.1.9 |
|||||||
|
|||
X-Cart forums © 2001-2020
|