Results 1 to 5 of 5
  1. 26 Nov 2015, 07:25 AM #1
    robax
    robax is offline Zen Follower
    Join Date
    Mar 2006
    Posts
    191
    Plugin Contributions
    0

    Default High-Tech Bridge Security Advisory - Any further info?

    Hi
    I'm looking around for any further advisory around the security problem reported by High-Tech Bridge:
    https://www.htbridge.com/advisory/HTB23282

    In particular, am I looking at a full cart upgrade or is this is likely to be a smaller patch. And if this even affects 1.5.4 at all.

    If it's big then I need to make time for it with Christmas getting close.
    Regards
    ROb
  2. 26 Nov 2015, 03:52 PM #2
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,373
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: High-Tech Bridge Security Advisory - Any further info?

    Initial investigation suggests that it's fixable with a small patch. But we're doing broader testing to ensure the issue is as isolated as the htbridge report claims.

    It does indeed only affect v1.5.4
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
  3. 26 Nov 2015, 06:27 PM #3
    swguy's Avatar
    swguy
    swguy is online now Administrator
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    9,691
    Plugin Contributions
    123

    Default Re: High-Tech Bridge Security Advisory - Any further info?

    Thanks as ever to the Zen Cart team for being on top of this stuff. Happy Thanksgiving!
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
    Do you benefit from Zen Cart? Then please support the project.
  4. 26 Nov 2015, 09:23 PM #4
    wilt's Avatar
    wilt
    wilt is offline Oji-san
    Join Date
    Jun 2003
    Location
    Newcastle UK
    Posts
    2,896
    Blog Entries
    2
    Plugin Contributions
    2

    Default Re: High-Tech Bridge Security Advisory - Any further info?

    Please see

    https://www.zen-cart.com/showthread....-November-2015
  5. 27 Nov 2015, 12:26 AM #5
    robax
    robax is offline Zen Follower
    Join Date
    Mar 2006
    Posts
    191
    Plugin Contributions
    0

    Default Re: High-Tech Bridge Security Advisory - Any further info?

    Excellent, thanks for this... I'll get patched right away!
    Rob
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. PayPal Express + High IE Security = Error
    By Tully in forum PayPal Express Checkout support
    Replies: 1
    Last Post: 4 Dec 2007, 03:36 PM
  2. When I click "PayPal Express Checkout", it doesn't go any further
    By abcdabcd in forum PayPal Express Checkout support
    Replies: 4
    Last Post: 1 Jul 2007, 04:08 AM
  3. Can I get any Phone Tech Support?
    By kmac999 in forum General Questions
    Replies: 6
    Last Post: 14 Jun 2007, 09:21 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR
Content and Graphics Copyright (c) 2003 - 2024 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC