Looking for a secure eCommerce platform? Set up your Magento 2 store for your business with the help of our Magento developers.
Magento has released a new security patch SUPEE-8788. The patch addresses
- Zend framework and payment vulnerabilities
- Ensures sessions are invalidated after a user logs out and
- Makes several other security enhancements
Installing Magento Security Patch SUPEE-8788 – Lessons Learnt
We had published a blog on installing Magento Security Patch SUPEE-8788 on Oct 13th. We received a volley of queries from the visitors of the blog.
Meanwhile, version 2 of SUPEE-87888 was released on October 14th as the previous version had some issues for certain section of Magento users.
We have compiled our replies/findings here so that the community at large can benefit from the same.
Magento too has provided a detailed explanation on “How to Apply the SUPEE-8788 Patch”.
Installing Magento Security Patch SUPEE-8788 – Follow Up
In this blog, we have categorized the various challenges while applying the SUPEE 8788 patch and the solutions for the same.
Before installing the patch please follow the below instructions.
Apply the SUPEE-8788 V3: This new version is only for Magento EE 1.13.0.x
- revert SUPEE 1533 (if installed)
- install SUPEE 3941 (if not installed)
- install SUPEE 8788 v3
Apply the SUPEE-8788 V2:
- revert SUPEE 8788 v1 (if installed)
- revert SUPEE 1533 (if installed)
- install SUPEE 3941 (if not installed)
- install SUPEE 8788 v2
For downloading the above patches follow the below URL
https://github.com/DemacMedia/magento-SUPEE8788-patcher/tree/master/var/patches
Possible issues after applying the Magento patch 8788 v2 patch
Error: Hunk #1 FAILED at 91 after reverting SUPEE-1533 (in Magento 1.9.2.0)
Possible Reason: If version 2 fails with the DashboadController, you apparently did not successfully revert SUPEE-1533.
Error: In Magento 1.8 the Checkout and Register form were not submitted.
Possible Reason: This means that there are some template changes in form_key for Magento prior to 1.8
Error: If you get Call to undefined function hash_equals() error
Possible Reason: At times you may get the above error even if the SUPEE-8788 v2 patch was successfully installed. This is because you may have overwritten the core – app/code/local/Mage/Core with functions.php.
In order to fix this error, you will have to insert hash_equals() function in app/code/local/Mage/Core/functions.php.
Error: “Hunk FAILED” error while applying the patch
Possible Reason: “Hunk FAILED” messages are usually due to the changes in core files or because of previous patches that are missing. Make sure all previous patches for your Magento version are installed and you did not make changes in core files.
Hope this helps to successfully apply – SUPEE 8788
If you have any queries regarding Magento Security Patch 8788 , please free to register your comments or mail us.
References
https://community.magento.com/t5/Security-Patches/SUPEE-8788-fails-on-SWF-files/td-p/50421