- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On April 28th, 2020, Adobe released the SUPEE-11314 security patch for Magento 1 users.
Then, on May 12th, 2020, Adobe released v2. If you already installed the old patch, the guidance is to revert and install the new v2 patch. It appears that some security fixes were missing in the original version of the patch.
I did not see any mention of this in the forums, or any e-mail from Adobe on this topic (although I could have missed something) and wanted to make sure that folks were aware. So far, most members of the Magento community that I've brought this up to have been unaware.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Robert Rand
You are right. This information was conveyed in the Slack channel.
It should have been informed in the some other channels also.
Problem Solved Click Accept as Solution!:Magento Community India Forum
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Robert Rand
You are right. This information was conveyed in the Slack channel.
It should have been informed in the some other channels also.
Problem Solved Click Accept as Solution!:Magento Community India Forum
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SUPEE-11314-v2
I came to this thread as since the upgrade to a pristine copy of 1.9.4.5, the site is failing Security Scan wit the error "SUPEE-11314 - Failed. Weak password requirements found (MPERF-10886)"
Having compared 1.9.4.5 and the patch files I can see the SUPEE-11314-v2 is installed - since the removal of M1 resource the only way to check is by performing diff etc.
I am posting this here as I suspect the fail is a false positive due to the accompanying jquery 1.12.0 error. I suspect the security scan is triggering both these errors on the jquery 1.12.0 version being present.