osCommerce and osCMax shopping cart software forums

Shopping Cart Software

osCommerce with teeth!

 

osCommerce 2.2 Milestone 2 060817 Update Released

This is a discussion on osCommerce 2.2 Milestone 2 060817 Update Released within the osCommerce News forums, part of the osCommerce 2.2 Forums category; An update to the osCommerce 2.2 Milestone 2 version has been released that addresses security related issues and bug reports ...


Go Back   osCommerce and osCMax shopping cart software forums > osCommerce 2.2 Forums > osCommerce News

osCommerce 2.2 Milestone 2 060817 Update Released osCommerce 2.2 Milestone 2 060817 Update Released

Register FAQ Members List Calendar Mark Forums Read


Free community membership! Fast easy FREE membership
Closed Thread

 

LinkBack Thread Tools
  #1  
Old 01-09-2007, 01:07 PM
michael_s's Avatar
osCMax Developer

  
Join Date: Jul 2002
Location: Phoenix, AZ
Posts: 10,330
Thanks: 68
Thanked 322 Times in 305 Posts
Rep Power: 10
michael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond repute
Post osCommerce 2.2 Milestone 2 060817 Update Released
An update to the osCommerce 2.2 Milestone 2 version has been released that addresses security related issues and bug reports that exist in the released version.

It is recommended for osCommerce 2.2 Milestone 2 store owners to apply the changes to their installations due to the security issues and bug reports that have been fixed. The changes involved are minimal, do not break compatibility with contributions, and further strengthens the security of the shop installation.

This update release focuses solely on security related issues and bug reports, and does not introduce any new features that have been made for the next development milestone release.

This release is a full release package containing updated source files (including the updates from the 051113 Update release), documentation, and information on what changes have been made to easily apply to existing installations.

This update release includes the following changes:

* Magic Quotes Compatibility Layer Fix
* Parse GET Variables In Cache Functions
* PHP 3 Session ID XSS Issue
* Product Attributes SQL Injection
* Resize Images To Round Numbers
* Use The Correct Country Name Value When Formatting Addresses
* Prevent The Session ID Being Passed In Tell-A-Friend E-Mails
* Properly Remove Deleted Products That Exist In Shopping Carts

The documented changes found inside the download package can be seen here:

http://www.oscommerce.com/ext/update-20060817.html

The 2.2 Milestone 2 060817 Update release involves the following file changes for the security and bug fixes made:

catalog/admin/includes/functions/compatibility.php (2 diffs)
catalog/admin/includes/functions/general.php (1 diff)

catalog/includes/classes/sessions.php (1 diff)
catalog/includes/classes/shopping_cart.php (2 diffs)
catalog/includes/functions/cache.php (4 diffs)
catalog/includes/functions/compatibility.php (2 diffs)
catalog/includes/functions/general.php (2 diffs)
catalog/includes/functions/html_output.php (1 diff)
catalog/shopping_cart.php (1 diff)
catalog/tell_a_friend.php (2 diffs)

We'd like to thank James Bercegay from GulfTech Security Research (http://www.gulftech.org) for bringing security issues to our attention.

This update release can be downloaded from:

http://www.oscommerce.com/solutions/downloads

This announcement can be discussed on the community support forums at:

http://forums.oscommerce.com/index.php?showtopic=223556

More...
__________________
Michael Sasek
osCMax Developer

  • osCMax Templates - Hundreds of premium quality templates. New designs every month!

  • xShop for osCMax - Windows Based osCMax administration. Improved workflow, security, speed and convenience.

  • osCMax Hosting - From basic hosting to High Availability, Load Balanced arrays, the most experienced osCMax host.

  • osCMax Template Tutorial - Learn how to make your own custom templates and how to use the powerful features of the osCMax template system.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Closed Thread

« - | osCommerce 3.0 Alpha 4 "Lebkuchen" Released »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads

Thread Thread Starter Forum Replies Last Post
osCommerce 2.2 Milestone 2 051112 Update Released michael_s osCommerce News 0 01-09-2007 01:07 PM
Oscmax - has it been upgraded to oscommerce-2.2ms2-060817? EagleGlow osCMax v2 Installation issues 1 08-23-2006 03:14 PM
[MS2-MAX UPDATE] Version 1.5 Released and Ready for Download michael_s osCMax v1.7 Discussion 14 01-24-2004 05:04 PM
MS2-MAX 1.5.5 BTS UPDATE RELEASED michael_s osCMax v1.7 Announcements 0 11-23-2003 10:27 PM
[MS2-MAX UPDATE] Upgrade Package v1.0 to v1.5 released michael_s osCMax v1.7 Discussion 0 09-16-2003 01:01 PM


All times are GMT -8. The time now is 05:42 PM.

osCMax Home - Site Map - Top

Powered by vBulletin®
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO
http://www.oscmax.com/forums/
Copyright 2008 osCMax