I hadn't logged into my Hostmonster account in awhile and now I'm seeing a simple script update available. When I go to it, it is attempting to update my zencart from 1.3.8.1 to 1.3.8.1.sp1.
What is the sp1?
I hadn't logged into my Hostmonster account in awhile and now I'm seeing a simple script update available. When I go to it, it is attempting to update my zencart from 1.3.8.1 to 1.3.8.1.sp1.
What is the sp1?
It's their attempt at applying some of the posted security patches.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Thanks!
As far as I know, I have the latest security patches. But if not, how can I confirm if I do or not and which one is needed?
The official patches for 1.3.x are listed here: http://www.zen-cart.com/forum/showthread.php?t=131115
The only one that triggers a version-number change in your admin would be "Patch Level: 1" which appears when you install the July 09 Admin Security Patch. All the rest have no effect on the display of version number, but still need to be applied.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Bookmarks