Magento CE (Community Edition) 1.9.3.4A new version of Magento has been released. Since a potential vulnerability was fixed, we’re considering this a security fix and we recommend all Magento website owners have this upgrade done.
Magento CE 1.9.3.4 Release Notes (devdocs.magento.com)
This patch addresses both security and functional issues discovered when using the SUPEE-9767 patch. We recommend upgrading your Magento store to this latest version. We recommend upgrading your Magento store to this latest version. Here are your upgrade options:
Upgrade to Magento CE 1.9.3.4. You don’t need to revert any patches or install SUPEE-9767 version 2 as version 2 is already included in the E 1.9.3.4 release.
If you’ve already installed SUPEE-9767 version 1, you can either:
- Upgrade to Magento E 1.9.3.4, or
- revert SUPEE-9767 version 1, then install SUPEE-9767 version 2.
If you haven’t installed SUPEE-9767 version 1, you can either:
- Upgrade to Magento E 1.9.3.4, or
- install SUPEE-9767 version 2.
See Magento Security Center for a comprehensive discussion of these security issues.
This release also provides support for the following functional issues:
General fixes
- We’ve restored missing strip_tags functionality in the checkout JavaScript.
- We’ve changed how Magento validates form keys during the generic five-step checkout process. Previously, customer registration failed during standard checkout processing if form key authentication was enabled.
- Magento now displays the Allow_symlinks message in the Admin message area as expected.
- Magento now preserves the background transparency of uploaded images as expected. Previously, transparency was lost after the image was uploaded, resulting in an unusable image.
- You can now use Checkout with Multiple Addresses when checkout form validation is enabled.
The previous release was on May 31, 2017.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.
-Tony
