Tag: Magento

magento_patch
Security

Magento security patches April 2015

Today all Magento users are getting an alert on backend. It advices to apply 2 security patches for fix new vulnerabilities on Magento. Is advised to apply asap before hacker´s community would receive news about this so my recommendation is don´t play with the security of your business.

The patches required are SUPEE-1533 and SUPEE-5344

https://www.magentocommerce.com/products/downloads/magento

Every patch checks first if your server has the required software, if you don´t have the ‘patch’ utility you need to install on your server,

yum install patch

in case of CentOS.

Just upload patches to root installation and run :

bash PATCH_SUPEE-1533_EE_1.12.x_v1-2015-02-10-08-19-16.sh;
bash PATCH_SUPEE-5345_CE_1.7.0.2_v1-2015-02-10-08-11-22.sh;

Example for Magento 1.7.2 Version

We applied these security patches in some installations, for our main Magento store and for some client´s sites. Notice every version of Magento has different patch version, so be sure don´t make a mistake and download wrong files.

In our case we applied every patch and make a git commit so we can roll back in case of issues.

Enjoy a healthy security.

I am not responsible for loss of data by using the comments of this blog. Make a backup of your system before you try any instructions in this post.