Security Patches - How Do I Know
Hi All,
I have been running several zen-carts since 1.3.8. Over the years I have been told of or have just happened across security patches, but I've never been able to find a section dedicated to security patches. I realize that this is a pretty touchy subject and that announcing such issues to the general public would put hundreds of thousands of shops at risk. So I wonder - how can I know when a security issue is found so that I can keep patched up? I know that once logged into the forum a "security issues" section becomes visible, but this is not a list of patches that should be applied. It would be quite handy if there were some type of notification system. Possibly an alert that would appear in the admin near the installed version at the top right of the screen.
Thank You,
John
Re: Security Patches - How Do I Know
Generally speaking, the latest version is the latest security patch and at least version 1.5.0 and above offers such an upper right corner notification.
Then there is the forum thread Zen Cart Release Announcements to which one can subscribe. As posts are made, they will be forwarded to the subscriber as long as the logged in subscriber has visited the ZC site since the last message of the thread has been posted. In other words, the system will send a message to the subscriber as long as the subscriber remains active with the site.
Also there are threads of known issues for various versions of ZC in the upgrade section to which specific corrections are posted, though one may not expect such posting for ever older versions that are no longer supported.