Re: Magento 1.x branch affected by recent security...

IDSofasurfer · ‎05-20-2016

Hi,

can anybody confirm if the Magento 1.x branch is affected by all or some of the recent security issues (including vunerabilities of Magento's REST and SOAP APIs) or do they only concern the Magento 2.x branch?

Some of the APPSEC descriptions in the Security Center article list "Magento CE and EE prior to 2.0.6" as affected products which could be interpreted as affecting 1.x Versions as well.

Thanks!

YiffyToys · ‎05-20-2016

Ater LOTS of searching I found:

https://community.magento.com/t5/News-Announcements/Magento-2-0-6-Provides-Important-Security-and-Fu...

stating that the the first affected version is 2.0.2 .

But I'm not 100% convinced.

I creatd Support Ticket #27369 for this issue.

Also one of issue 1420 states that the affected versions AND fixed version is 2.0.6 . Obviously this is impossible.

sherrie · ‎05-20-2016

Hi @YiffyToys and @IDSofasurfer - just wanted to let you know that the recent security issues are only for 2.x versions (patched in 2.0.6). You do not need to worry about the 1.x versions for this one.

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

IDSofasurfer · ‎05-23-2016

Thanks for clearing that up!

sherrie · ‎05-23-2016

No problem @IDSofasurfer.

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

Magento 1.x branch affected by recent security issues?

Magento 1.x branch affected by recent security issues?

Re: Magento 1.x branch affected by recent security issues?

Re: Magento 1.x branch affected by recent security issues?

Re: Magento 1.x branch affected by recent security issues?

Re: Magento 1.x branch affected by recent security issues?