| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
#51
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
Quote:
HelpDesk file area.
__________________
Eugene Kaznacheev, Evangelist/Product Manager at Ecwid: http://www.ecwid.com/ (since Sept 2009) ex-Head of X-Cart Tech Support Department ex- X-Cart Hosting Manager - X-Cart hosting ex-X-Cart Technical Support Engineer Note: For the official guaranteed tech support services please turn to the Customers HelpDesk. |
|||||||||
#52
|
|||||||
|
|||||||
Re: Security bulletin 2008-12-18
Hi Ene,
The dates within the support helpdesk file download area have dates not related to the release dates. I noticed that last week when I was checking to make sure all patches were applied to each version we use. Many say January 10, 08 even though they are patches from 2006. ScreenShot Attached Chris
__________________
4.0x - 4.5x |
|||||||
#53
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
Hello Eugene,
I was referring to the actual RELEASE scripts, not the patches. If the script available for download on 12/29 is different from that which was available on 10/9, there should be indication to the user that patches have been applied (or bug fixes), and that the original 10/9 script they downloaded is now incomplete compared to the release available on 12/29.
__________________
Conor Treacy - Big Red SEO - @bigredseo Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding! If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet. Omaha SEO Office with National & Local SEO Services Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance |
|||||||||
#54
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
Hi Eugene -
Maybe this will help to make the issue clearer: Are the security patches provided for 4.1.11 applicable to any version of the 4.1.11 distribution? For example - I have a 4.1.11 instance which was created from an upgrade patch for 4.1.10->4.1.11 downloaded in early September. I did a diff of the file versions of my cart to a current 4.1.11 cart - There are over 100 files which have been updated since I upgraded. Can the patch be applied with confidence, or are any of the other changes also required? I have other 4.1.11 instances which have different file versions, depending upon when I downloaded them. I also have a 4.1.9 instance of XCART - but I don't think I have a way to compare it to what is your latest 4.1.9 release. Is it possible to publish a versions file for previous 4.1.x distributions?
__________________
X-CART (4.1.9,12/4.2.2-3/4.3.1-2/4.4.1-5)-Gold (CDSEO, Altered-Cart On Sale, BCSE Preorder Backorder, QuickOrder, X-Payments, BCSE DPM Module) |
|||||||||
#55
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
Quote:
Sometimes the security patches can be re-uploaded later. For example due to reorganisation of the File Area folders. Quote:
Yes. We do not change the distribution packs once we upload them. So X-Cart 4.1.11 you downloaded one month earlier and 4.1.11 you've downloaded today are the same. Quote:
If you upgrdaded your store correctly, you can apply the patch without any worries. Quote:
As I said before you should just download the security patch for 4.1.9 version and apply it.
__________________
Eugene Kaznacheev, Evangelist/Product Manager at Ecwid: http://www.ecwid.com/ (since Sept 2009) ex-Head of X-Cart Tech Support Department ex- X-Cart Hosting Manager - X-Cart hosting ex-X-Cart Technical Support Engineer Note: For the official guaranteed tech support services please turn to the Customers HelpDesk. |
|||||||||
#56
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
from post #47
Well I'm no closer to finding the real solution. I submitted one of the prepare.php 4.1.9 files to QT and they replied that it hadn't had any patches applied so I would need to install each one after downloading from the file area. Did that and it worked fine, however trying to patch the prepare.php on another 4.1.9 store was impossible as it was missing too many lines of code, and from what I could gather looked more like a 4.1.10 prepare.php than a 4.1.9. So I downloaded the 4.1.10 security patches and they seemed to be Ok for the prepare.php changes. And before you jump, it is definitely a 4.1.9 store (well according to the patch/upgrade area in admin). The store works fine so I'm going to load a backup of XCart downloads I made some time ago and check to see if there are any variations between those downloads and the ones currently available from XCart's download area. At least the stores are patched finally.
__________________
XCart 4.5.4, 4.6.1, 4.64 stores Many, many mods from Altered Cart XCart Mods Reboot template The XCart Store Templates and Mods WCM CDSEO Pro BCSE Rewards Points and Gallery Mods and a few others |
|||||||||
#57
|
|||||||||
|
|||||||||
Re: Security bulletin 2008-12-18
"it is definitely a 4.1.9 store (well according to the patch/upgrade area in admin)"
You can't really trust that. I think all it does is compare what it says in the VERSION file with what it says in the xcart_config table for the "version". If they are wrong, but both say the same thing you would never know it.
__________________
Two Separate X-Cart Stores Version 4.4.4 Gold - X-AOM - Vivid Dreams Aquamarine (modified) - Linux Mods - Newest Products - View All -, and a few others. Numerous upgrades from 4.0.x series. Integrated with Stone Edge Order Manager + POS Version 4.1.12 Gold (fresh install) - X-AOM - Linux Mods - XCSEO free |
|||||||||
|
|||
X-Cart forums © 2001-2020
|