can anybody confirm if the Magento 1.x branch is affected by all or some of the recent security issues (including vunerabilities of Magento's REST and SOAP APIs) or do they only concern the Magento 2.x branch?
Some of the APPSEC descriptions in the Security Center article list "Magento CE and EE prior to 2.0.6" as affected products which could be interpreted as affecting 1.x Versions as well.
Ater LOTS of searching I found:
stating that the the first affected version is 2.0.2 .
But I'm not 100% convinced.
I creatd Support Ticket #27369 for this issue.
Also one of issue 1420 states that the affected versions AND fixed version is 2.0.6 . Obviously this is impossible.
Hi @YiffyToys and @IDSofasurfer - just wanted to let you know that the recent security issues are only for 2.x versions (patched in 2.0.6). You do not need to worry about the 1.x versions for this one.