cancel
Showing results for 
Search instead for 
Did you mean: 

Magento 1.x branch affected by recent security issues?

Magento 1.x branch affected by recent security issues?

Hi,

 

can anybody confirm if the Magento 1.x branch is affected by all or some of the recent security issues (including vunerabilities of Magento's REST and SOAP APIs) or do they only concern the Magento 2.x branch?

 

Some of the APPSEC descriptions in the Security Center article list "Magento CE and EE prior to 2.0.6" as affected products which could be interpreted as affecting 1.x Versions as well.

 

Thanks!

4 REPLIES

Re: Magento 1.x branch affected by recent security issues?

Ater LOTS of searching I found:

https://community.magento.com/t5/News-Announcements/Magento-2-0-6-Provides-Important-Security-and-Fu...

 

stating that the the first affected version is 2.0.2 .

But I'm not 100% convinced.

 

I creatd Support Ticket #27369 for this issue.

Also one of issue 1420 states that the affected versions AND fixed version is 2.0.6 . Obviously this is impossible.

Re: Magento 1.x branch affected by recent security issues?

Hi @YiffyToys and @IDSofasurfer - just wanted to let you know that the recent security issues are only for 2.x versions (patched in 2.0.6). You do not need to worry about the 1.x versions for this one.

--

Community Manager, Magento
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

Re: Magento 1.x branch affected by recent security issues?

Thanks for clearing that up!

Re: Magento 1.x branch affected by recent security issues?

No problem @IDSofasurfer. Smiley Happy

--

Community Manager, Magento
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical