SUPEE-8788, Enterprise Edition 1.14.3 and Magento Community Edition 1.9.3 address Zend framework and payment vulnerabilities, ensure sessions are invalidated after a user logs out, and make several other security enhancements. The new patch addresses two issues:
- Removes compatibility issues with SUPEE-1533 and SUPEE-3941 security patches experienced by merchants using Magento Community Edition 1.8 and earlier releases.
- Resolves issues with some 3rd party payment methods during checkout.
How to Install
- Revert SUPEE-8788 if you have already installed it.
- Revert SUPEE-1533 if you have already installed it.
- Deploy SUPEE-3941 if it hasn’t already been installed.
- Install the new SUPEE-8788 v2 patch. This patch includes SUPEE-1533, so you don’t need to worry about re-installing it.
Please upload the patch into your Magento root directory and run the appropriate SSH command:
For patch files with the file extension .sh:
Example: sh PATCH_SUPEE-1868_CE_220.127.116.11_v1.sh
For patch files with the file extension .patch:
patch –p0 < patch_file_name.patch
Once that is done, refresh the cache in the Admin under "System > Cache Management" so that the changes will be reflected. We highly recommend you test all patches in a test environment before taking them live.
You can find SUPEE-1533 and SUPEE-3941 patches in the Release Archive of the Community Edition Download Page.