Merchants can run Magento 2.3.7 with PHP 7.3, but this configuration has not been tested. We do not recommend running Magento 2.3.7 with PHP 7.3. See the PHP 7.4 support for Magento 2.3.x release line DevBlog post. All unit and integration tests should be run using PHPUnit 9. ![]() Commerce Marketplace extension vendors must confirm that new versions of their extensions are compatible with PHP 7.4. Magento 2.3.7 introduces support for PHP 7.4. You can learn more about CVE identifiers at CVE. This allows users to more easily identify unaddressed vulnerabilities in their deployment. Starting with the release of Adobe Commerce 2.3.2, we will assign and publish indexed Common Vulnerabilities and Exposures (CVE) numbers with each security bug reported to us by external parties. The copy-to-clipboard feature has also been disabled for all storefront credit card fields. This release includes 40 security fixes and platform security improvements. Security enhancements and fixes to core code See Adobe Security Bulletin for a discussion of these fixed issues. Individual issues are no longer described in the Magento Security Center. With the Magento 2.3.4 release, we changed how we describe these security issues. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts: IP whitelisting, two-factor authentication, use of a VPN, the use of a unique location rather than /admin, and good password hygiene. Most of these issues require that an attacker first obtains access to the Admin. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. No confirmed attacks related to these issues have occurred to date. This release includes the following security enhancements: Over 40 security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities Look for the following highlights in this release: Substantial security enhancements Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project. Not all releases introduce major BICs.) Other release informationĪlthough code for these features is bundled with quarterly releases of the Magento core code, several of these projects (for example, B2B, Page Builder, Inventory Management, and Progressive Web Applications (PWA) Studio) are also released independently. (Major backward-incompatible issues are described in BIC highlights. To review minor backward-incompatible changes, see BIC reference. Magento 2.3.7 contains minor backward-incompatible changes. Quarterly releases may contain backward-incompatible changes (BIC). See the Apply a patch to continue offering DHL as shipping carrier Knowledge Base article for information about downloading and installing the patch. Merchants deploying these releases should apply AC-3022.patch at their earliest convenience to continue offering DHL as a shipping carrier. Adobe Commerce 2.4.4 and earlier versions that support the DHL integration support only version 6.0. Apply AC-3022.patch to continue offering DHL as a shipping carrierĭHL has introduced schema version 6.2 and will deprecate schema version 6.0 in the near future. We strongly recommend planning your upgrade now to Adobe Commerce 2.4.x and PHP 7.4.x to help maintain PCI compliance. PHP 7.3 reached end of support in December 2021, and Adobe Commerce 2.3.x reaches end of support in April 2022. Magento Open Source 2.3.0 Release NotesĪdobe Commerce 2.3.7 offers significant platform upgrades, 40 security enhancements, and 10 functional fixes for the core product. ![]() Magento Open Source 2.3.1 Release Notes.Magento Open Source 2.3.2 Release Notes.Magento Open Source 2.3.3 Release Notes.Magento Open Source 2.3.4 Release Notes.Magento Open Source 2.3.5 Release Notes.Magento Open Source 2.3.6 Release Notes.Magento Open Source 2.3.7 Release Notes.If PHP 7.2.11 is still the only certified, tested PHP version, perhaps provide additional libsodium upgrade steps for Magento stores running linux packages that don't yet support libsodium 1.0.13 in older PHP 7.2. ![]() Please publish what version of PHP is certified & tested against Magento 2.3.2 Possible solutions If you're using the debian stretch, you need to upgrade PHP to 7.2.20 in order to install the required libsodium 1.0.13 package update, but Magento hasn't yet announced if 7.2.20 is a stable version of PHP to use for Magento if upgrading to 2.3.2. The 2.3 DevDocs Tech Requirements also only list the tested/certified PHP version for 2.3.1, not 2.3.2. Currently, the 2.3.2 Open Source and Commerce release notes do not reference the certified, tested version of PHP.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |