Home » Your Zen Cart Pro Says... » Zen Cart 1.5.5d released

Zen Cart 1.5.5d released

v1.5.5d has been released!

from zencart.com / DrByte

This fixes a critical bug in PHPMailer, which is the subsystem used for sending emails in Zen Cart.

While Zen Cart already sanitizes aggressively against the vulnerabilities published in CVE-2016-10033 and CVE-2016-10045 for PHPMailer this week, we are pushing this new release with the embedded security fixes, as a matter of precaution, in the interest of keeping stores safe. This also has the added benefit of helping provide an extra layer of protection against poorly-sanitized plugins (or completely unrelated software) that might be installed on the store site.

Download available here: http://sourceforge.net/projects/zencart/files/

What’s different in v1.5.5d vs v1.5.5c?

Since the release of v1.5.5c on 26-Dec-2016, the following changes have been applied to become v1.5.5d …

  • Upgrade PHPMailer from 5.2.19 to 5.2.21 to fix critical security bug CVE-2016-10045
  • Update Authorize.net storage field type in database to accommodate different values returned by Authnet emulator gateways using these modules
  • Fix zc_install to prevent DB_CHARSET from being set to blank during upgrades when upgrading v1.3.x configure.php files to new format
  • NOTE: There are NO Database Changes to be applied manually.

The list of changed files between minor versions is here: https://www.zen-cart.com/docs/change…5-5.html#v155d

As always, any additional critical issues will continue to be posted at Known bugs and fixes with v1.5.5

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*

*