New Magento Enhancements Available Today [27 March 2019 ]
Today, Magento is releasing new versions of Magento Commerce and Open Source to increase product security, performance and functionality:
- Magento Commerce and Open Source 2.3.1
- Magento Commerce and Open Source 2.2.8
- Magento Commerce and Open Source 2.1.17
- Magento Commerce 220.127.116.11
- Magento Open Source 18.104.22.168
- SUPEE-11086 to patch earlier Magento 1.x versions
These releases include security enhancements that help close cross-site scripting, arbitrary code execution, and sensitive data disclosure vulnerabilities as well as other security issues. No confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we strongly recommend that all merchants upgrade as soon as possible. Additionally, as a reminder we released the following patches recently that might be useful for you:
- Patch to secure Payflow Pro payment method against fraudulent activity for Magento 2.1, 2.2, & 2.3. Learn More.
- Patch to continue support for payments via Authorize.net Direct Post. Learn more.
The release of Magento 2.3.1 also includes powerful new merchant and developer experience enhancements and multiple performance improvements. More information about the security changes is available on https://magento.com/security. Full details are available in the Magento Commerce and Open Source release notes: