Use Magento Community 18.104.22.168 or later for all new installations and enhancements to make sure that you have the modern-day fixes, capabilities, and safety updates.
Patch Bundle SUPEE-7405 v.1.1
Patch resolves security issues. The SUPEE-7405 v 1.1 patch bundle includes the following:
- Upload File Permissions
The patch restores less restrictive file permissions for files and for directories as additional strict permissions introduced by the initial SUPEE-7405 patch cause several merchants to not be able to see uploaded item pictures, depending on Magento hosting configuration.
- Magento Cart Merge Patch SUPEE-7978
Carts with equal products now merge properly. Previously, while a cart with one product changed into merged with any other cart that contained the same product, Magento did not merge the cart totals properly.The cart now includes one product, and the entire is correct.
- Magento SOAP API Patch SUPEE-7822
The Magento SOAP API now works properly. Previously after putting in the SUPEE-7405 v1.0 patch, an API request might return a 500 error.
- PHP 5.3 Compatibility SUPEE-7882
The patch was not compatible with PHP 5.3 for earlier versions of Magento that were still supporting this version. The issue by merchants was inability to look at sales info in the backend.
You must install the SUPEE-7405 v 1.0 patch before installing the SUPEE-7405 v 1.1 patch bundle if you are running a version of Magento Community Edition prior to 22.214.171.124.
You do not need to install the SUPEE-7405 v 1.0 patch if you are running Magento Community Edition 126.96.36.199, or have previously installed the SUPEE-7405 v 1.0 patch on an earlier version of Magento Community Edition.
All eCommerce sites are targets to hackers thanks to the private and payment info that's needed to finish a purchase. Even if the system doesn't process payment transactions, a hacked store might reroute buyers to a false page. A hacked site can have long-term consequences for both buyers and sellers.
Related articles: Security best practices