 |
 |
|
 |
|
 |
|
| ||||||||||
|
Shopping cart software Solutions for online shops and malls | |||||||||
|
|
|
||||||||
|
#11
12-28-2008, 08:02 AM
|
|||||||
|
|||||||
Re: Security bulletin 2008-25-12
Thanks QT for working on Christmas and for your "Santa had an accident" video!
 Question: Since there were no security patches for 4.2 does that mean 4.2 was already protected?
__________________
X-Cart GoldPlus v4.7.12 | reBOOT (reDUX) Template v4.7.12.9 | Always The Best |
|||||||
|
#12
12-28-2008, 08:03 AM
|
|||||||||
|
|||||||||
|
Re: Security bulletin 2008-25-12
Quote:
Yes.
__________________
Eugene Kaznacheev, Evangelist/Product Manager at Ecwid: http://www.ecwid.com/ (since Sept 2009) ex-Head of X-Cart Tech Support Department ex- X-Cart Hosting Manager - X-Cart hosting ex-X-Cart Technical Support Engineer Note: For the official guaranteed tech support services please turn to the Customers HelpDesk. |
|||||||||
|
#13
12-28-2008, 08:10 AM
|
|||||||
|
|||||||
|
Re: Security bulletin 2008-25-12
Quote:
Great! Security in the main reason I upgrade. Thank you and have a wonderful day! Paul
__________________
X-Cart GoldPlus v4.7.12 | reBOOT (reDUX) Template v4.7.12.9 | Always The Best |
|||||||
|
#14
12-28-2008, 08:19 AM
|
|||||||||
|
|||||||||
|
Re: Security bulletin 2008-25-12
Quote:
Please check this thread also: http://forum.x-cart.com/showthread.php?t=42036
__________________
Eugene Kaznacheev, Evangelist/Product Manager at Ecwid: http://www.ecwid.com/ (since Sept 2009) ex-Head of X-Cart Tech Support Department ex- X-Cart Hosting Manager - X-Cart hosting ex-X-Cart Technical Support Engineer Note: For the official guaranteed tech support services please turn to the Customers HelpDesk. |
|||||||||
|
#15
12-28-2008, 08:56 AM
|
|||||||
|
|||||||
|
Re: Security bulletin 2008-25-12
Quote:
Excellent Post! #1 - Just implemented #2 - Updated #3 - Thank you! #4 - Just implemented #5 - Already done Thank you Eugene! Paul
__________________
X-Cart GoldPlus v4.7.12 | reBOOT (reDUX) Template v4.7.12.9 | Always The Best |
|||||||
|
#16
12-28-2008, 09:28 AM
|
|||||||||
|
|||||||||
|
Re: Security bulletin 2008-25-12
Yep - Glad I saw this list as well.
#1 - Just implemented #2 - Updated as well #4 - Done #5 - Not sure I need to do this...? - CC's are not stored in my DB...
__________________
Carl Tice X-Cart 4.6.6 X-Payments 3.0 ReBOOT 3.4.1 PHP 5.6.30 MySQL 5.6.35 Linux 2.6.32-042stab120.18 ionCube PHP Loader v4.7.3 Perl 5.10.1 |
|||||||||
|
#17
12-28-2008, 09:33 AM
|
|||||||||
|
|||||||||
|
Re: Security bulletin 2008-25-12
Quote:
If you don't store the credit card numbers, you don't need to enable this feature.
__________________
Eugene Kaznacheev, Evangelist/Product Manager at Ecwid: http://www.ecwid.com/ (since Sept 2009) ex-Head of X-Cart Tech Support Department ex- X-Cart Hosting Manager - X-Cart hosting ex-X-Cart Technical Support Engineer Note: For the official guaranteed tech support services please turn to the Customers HelpDesk. |
|||||||||
|
#18
12-28-2008, 01:27 PM
|
|||||||||
|
|||||||||
|
Re: Security bulletin 2008-25-12
I figured as much. Thanks!
__________________
Carl Tice X-Cart 4.6.6 X-Payments 3.0 ReBOOT 3.4.1 PHP 5.6.30 MySQL 5.6.35 Linux 2.6.32-042stab120.18 ionCube PHP Loader v4.7.3 Perl 5.10.1 |
|||||||||
|
#19
12-28-2008, 01:37 PM
|
|||||||
|
|||||||
|
Re: Security bulletin 2008-25-12
What a mess
 I now have 4 patches to apply in order to make my store secure. Last week I applied the 3 patches from 7/2, 8/5 and 12/18. I then had to back these patches out as customers were complaining that they were not able to log in. Now we have yet another patch, but I am unable to apply it as I haven't and can't apply the previous patches. Are Qualiteam going to fix the previous patches so I can get up to date with these security issues? I have no idea what to do now, and I am concerned that our store is insecure and that people are already taking advantage of these security flaws. Steve
__________________
Version 4.1.8 & 4.1.9 ezcheckout4.1.x cdseolinks2 product_metatags41x shipping_per_product41x http://www.earthsmagic.com |
|||||||
|
#20
12-28-2008, 02:14 PM
|
|||||||
|
|||||||
|
Re: Security bulletin 2008-25-12
Steve,
I had not apply any patches until 2008-25-12, and did all four in order, for my 4.1.9 store. I SIMPLY did this manually, doing a compare on a per-file basis - took 10 minutes to patch everything. This is the "brute force way" but sure to work.
__________________
xcart 4.5.4 gold+ w/x-payments 1.0.6; xcart gold 4.4.4 |
|||||||
|
|
|||
|
X-Cart forums © 2001-2020
|
|||
