Never touch a running system?
Das Web entwickelt sich rasant weiter – bleiben Sie am Ball, es lohnt sich.
Die Vorteile von regelmässigen Upgrades sind:
- Anpassung an die aktuellsten Standards im Bereich Sicherheit und Technik
- Fehlerkorrekturen
- Regelmässige Upgrades sind mit weniger Aufwand verbunden, als ein Upgrade über mehrere Versionen
- Kompatibilität mit aktuellen Extensions (Zusatzmodule) und Themes (Design-Vorlagen)
- Integration neuer Funktione
- Optimierung bestehender Anwendungen
Beispiele von Weiterentwicklungen aus den letzten Upgrades:
- Das Standard Theme in Version 1.9 ist bereits responsiv (mobil-optimiert)
- Version 1.9 unterstützt PHP 5.4, welches bei vielen Host-Anbietern bereits Standard ist
- Google Shopping Extension ist seit der Version 1.6 verfügbar
- Automatische Generation von Coupon Codes
- Verbesserung der Filternavigation
- Integration von DHL für Europa
- Aktualisierung des Mobile Themes
- Optimierung der PayPal Konfiguration im Backend
Weitere Details finden Sie in der folgenden Release-Liste und alle Details auf der Magento Webseite.
Magento CE 1.9.0.1 (15.05.2014) – Release Notes
CE 1.9.0.1 resolved the following issues:
- Customers can no longer apply a coupon from an inactive shopping cart price rule to a purchase.
- Customers using a smartphone or other small viewport can expand subcategories in the web store that uses the new responsive theme.
Magento CE 1.9.0.0 (12.05.2014) – Release Notes
Highlights
This section lists the key new features in Magento CE 1.9. For more information about these new features, see New Features in Magento EE 1.14 and CE 1.9.
- The default theme in Magento CE 1.9 uses Responsive Web Design principles to provide a better experience for users of mobile devices in particular. Benefits include:
- You can get a tablet and smart phone friendly responsive site in about half the time as before, speeding time to market and freeing up resources for other projects.
- Your responsive site makes you better able to participate in the fast growing mobile commerce space, gives you the ability to more easily adapt to new opportunities, and is less expensive to maintain. A responsive site also offers potential search engine optimization (SEO) benefits because it uses Google’s preferred approach to mobile-optimizing sites.
- Cross-border trade: (Also referred to as pricing consistency.) We support European Union (EU) merchants operating across regions and geographies who want to show their customers a single price. Pricing is clean and uncluttered regardless of tax structures and rates that vary from country to country.
To enable cross-border trade in the Admin Panel, click System > Configuration > SALES > Tax >Calculation Settings, option Enable Cross Border Trade. - Supports PHP 5.4. For more information, see the PHP changelog.
- The Zend Framework has been upgraded to version 1.12.3
- Checkout improvements:
- You can capture up to 18% more sales by providing customers access to financing using the Bill Me Later service at no additional cost to you.
- You can offer your customers a smoother, more streamlined PayPal Express Checkout experience, which tries alternative payment options when a customer’s credit card is rejected
- Improve the PayPal Express checkout experience by eliminating the following steps in the checkout process:
- The order review page can be enabled or disabled
- Eliminate the necessity of clicking Update Order before Place Order
(Conversion means helping customers stay interested and complete their purchases.)
Security Enhancements
- Addressed a potential cross-site scripting (XSS) vulnerability while creating configurable product variants.
- Addressed a potential security issue that could result in displaying information about a different order to a customer.
- Users can no longer change the currency if the payment method PayPal Website Payments Standard is used.
- Removed an .swf file from the Magento distribution because of security issues.
- Improved file system security.
- Enhanced the security of action URLs, such as billing agreements.
- Addressed a potential session fixation vulnerability during checkout.
- Improved the security of the Magento randomness function.
Changes
- A default setting for configurable and bundled products has changed. When you create a configurable or bundled product in the Admin Panel, click Manage > Products. Create a new configurable or bundled product and click the Design tab. The default option for Display Product Options In has changed to Product Info Column.
- The Google Websites Optimizer has been disabled because it has been deprecated by Google. (In earlier EE versions, this option was available in the Admin Panel at System > Configuration > SALES > Google API > Google Website Optimizer).
- Two new options to prevent «clickjacking» if you run Magento in a frame or iframe:
- Enable frames only in the same domain.
- Enable frames.
Important: For security reasons, Magento strongly recommends against running the Magento software in a frame.
The options are available in the Admin Panel at System > Configuration > ADVANCED > Admin > Security and are named Allow Magento Backend to run in frame and Allow Magento Frontend to run in frame.
Enabling the option causes the X-Frame-Options request header to be sent.
- FedEx changed their endpoints for sandbox and production to the following:
- Production: https://ws.fedex.com/web-services
- Sandbox: https://wsbeta.fedex.com/web-services
Because of these changes, Magento cannot retrieve shipping rate information or print shipping labels for FedEx unless this fix is applied.
- CE 1.9 includes a fix that prevented some Discover credit cards from validating properly. The issue was that certain Discover credit card number ranges were not recognized as being valid. As a result of the fix, all Discover cards should validate properly.Important: This is not a security threat. No data has been compromised or misused. It affects only the ability to validate certain credit card number ranges as valid Discover card numbers.
- The default values for two configuration options changed. Both options can be found in the Admin Panel under System > Configuration > CATALOG > Catalog > Frontend. The new default values follow:
- Products per Page on Grid Allowed Values is now 12, 24, 36.
- Products per Page on Grid Default Value is now 12.
- On the New Rule page for shopping cart price rules (Rule Information tab page), explanatory textUsage limit enforced for logged in customers only was added to the Uses per customer field. This is to avoid confusion encountered by some Magento merchants.
- Changes to PayPal Express checkout:
- Changes to both Proceed to Checkout and to Pay With PayPal:
- Customers cannot edit their billing address on the PayPal site—in fact, the billing address does not display on the PayPal site.
- Magento CE uses the customer’s PayPal address information, not the address information stored in Magento CE. The customer does not need to enter Magento CE or EE address information.
- When the customer is redirected to the PayPal site, they can clickChange next to their payment method to change it.
The Magento administrator can set billing address information in the Admin Panel as follows: System > Configuration > SALES > Payment Methods. For any payment method that includes Express Checkout, in Basic Settings, set the value of the Require Customer’s Billing Address list.
- Changes to Pay With PayPal only:
- If the Magento administrator does not require the customer’s billing address, the customer’s billing address is set to the customer’s PayPalshipping address.
- If the Magento requires the customer’s billing address, the customer’s billing address is set to the customer’s PayPal billing address.
- On the PayPal site, the customer can click Change next to their shipping address to change it. The customer can choose any shipping address configured with PayPal.
- Because the customer’s configured address in Magento is not used, the customer’s shipping address stored in PayPal is never changed.
- Changes to Proceed to Checkout only:
- No Change link displays next to a customer’s shipping address on the PayPal site.
- In the event of a shipping address mismatch between Magento and PayPal, the following message displays when the customer attempts to pay using PayPal: The address you entered on store-name is different than your PayPal preferred shipping address. Return to store-name if you’d like to change the shipping addressThe user can select the Use as preferred shipping address check box to instruct PayPal to change their shipping address.
- Changes to both Proceed to Checkout and to Pay With PayPal:
Tax Calculation Fixes
- Fixed price and dynamic price bundled products where the price is configured to include tax display prices correctly regardless of tax settings. (For example, customer’s default tax rate is different from the origin tax rate.)
- Resolved a one-cent rounding issue when Fixed Product Tax (FPT) is enabled and the option Apply Discount to FPT is set to Yes. (These options are available in the Admin Panel by going to System> Configuration > SALES > Tax > Fixed Product Taxes.)
- Resolved issues with calculating the credit memo amount when FPT is discounted and the customer purchases more than one item.
Fixes
Fixes in this release can be divided into the following categories:
- Web Store and Shopping Cart Fixes
- Promotional Price Rule Fixes
- Administrative Ordering, Invoicing, Credit Memo Fixes
- Import Fixes
- Payment Method Fixes
- Other Fixes
Magento 1.8.1.0 (11.12.2013) – Release Notes
Highlights
Magento CE 1.8.1.0 helps advance overall product quality and ease operations by providing significant tax calculation improvements, a wide range of bug fixes, and several security enhancements.
Tax Calculation Improvements
CE 1.8.1.0 resolves Value Added Tax (VAT) and Fixed Product Tax (FPT) issues so that Magento administrators can create invoices and credit memos to give merchants merchants access to accurate and consistent tax calculations and displays. We’ve also addressed:
- VAT tax calculation issues for cross-border trade
- Tax rounding issues when multiple taxes are applied
- VAT and FPT calculation issues for bundled products
- Support for the Waste Electrical and Electronic Equipment (W.E.E.E.) recycling tax in the EU
Functional Improvements
CE 1.8.1.0 includes bug fixes across important feature areas, including the shopping cart, checkout, content management system, and product import and export function. Many of these updates came from a hackathon held with Magento community developers, which demonstrates the vitality of our development community and their powerful ability to help us advance the platform.
Security Enhancements
CE 1.8.1.0 includes several security enhancements that were identified through our rigorous security assessment process. Magento complements its own comprehensive internal testing with quarterly penetration testing by expert consultants and actively works with the development community to identify security issues in order to harden the platform against potential threats.
Security Enhancements
Magento addressed the following security issues:
- Improved the password hashing algorithm.
Magento thanks Bjorn Kraus for contributing to this fix. - Resolved issues that could have resulted in Cross-Site Request Forgery (CSRF) in the web store.
- Resolved potential issues when issuing Return Materials Authorizations (RMAs).
Magento thanks Ivan Chepurnyi for contributing to this fix. - Resolved a session fixation issue when registering a user with the web store.
- Resolved a cross-site scripting (XSS) issue reported in CE 1.8.0.0.
Magento thanks Myke Hines, Fox, and Opteros for contributing to this fix. - Resolved issues with the expiration of file-based user sessions.
- Resolved issues that could have resulted in Remote File Inclusion (RFI) vulnerabilities.
- Addressed vulnerabilities in OAuth code.
- Closed a potential loophole that enables another user to possibly access personal information when viewing billing agreements.
Magento thanks Darryl Adie and Ampersand Commerce for contributing to this fix. - Fixed the security settings for the frontend cookie to protect user sessions.
Fixes
Fixes in this release can be divided into the following categories:
- Shopping Cart and Checkout Fixes
- Import and Export Fixes
- Shipping Fixes
- Other Fixes
Magento 1.8.0.0 (25.09.2013) – Release Notes
Highlights
- Major overhaul of tax calculation formulas, correction of rounding errors, and additional assistance with configuration.
- Optimized cache adapters for single-server systems
- Upgraded Redis cache adapters for multi-server systems.
To set up and use Redis with Magento, see Using Redis with Magento Community Edition (CE) and Enterprise Edition (EE). - Eliminated many types of database deadlocks.
Security Enhancements
- Errors are not displayed in a new Magento installation.
- Fixed a session fixation vulnerability in the new user registration process. Attackers can no longer abuse this flaw to take over new user accounts during registration.
- Resolved a remote code execution vulnerability that enabled an attacker to delete files and directories on the Magento installation. (The attack required access to the Admin Panel as a Magento administrator.)
- Prevent attacks that use OAuth to leak sensitive information to an attacker that knows the consumer key and user token.
- Resolved an issue that enabled attackers to gain access to billing information.
We thank Darryl Adia (from Ampersand Commerce) for contributing to this fix. - Resolved issues with the security of OAuth tokens and keys.
- A remote code execution vulnerability was fixed.
We thank Bastian Ike for contributing to this fix. - The Magento Admin Panel and web stores no longer allow web browsers to store user names or passwords.
- The Magento web store has additional Cross Site Request Forgery (CSRF) protections, meaning an imposter can no longer impersonate a newly registered customer and perform actions on the customer’s behalf.
- The cryptographic methods used to store passwords were improved to enhance security.
Performance Improvements
- Limited the way Magento performs large database lookups.
- Checkout performance improvements achieved by:
- Eliminating unnecessary RSS cache cleanups when RSS functionality is disabled
- The locale used to send a new order confirmation e-mail now first checks to see if the customer’s locale is the same as the store’s locale before attempting to localize the e-mail.
- Improving the overall checkout process performance by loading the progress information for the current checkout step only
- You can load a large number of tax codes (35,000 or so) without impacting performance.
Tax Calculation Fixes
Tax calculation issues can be divided into the following sections:
- General Tax Notes
- Rounding Error Fixes
- Fixed Product Tax (FPT) Fixes
- Discount Calculation Fixes
- Display Fixes
Fixes
Fixes in this release can be divided into the following categories:
- Web Store and Shopping Cart Fixes
- Promotional Price Rule Fixes
- Administrative Ordering and Credit Memo Fixes
- Import Fixes
- Payment Fixes
- Other Fixes
Various API fixes.
Magento 1.7.0.2 (Jul 5, 2012) – Release Notes
Fixes
- Security vulnerability in Zend_XmlRpc – http://framework.zend.com/security/advisory/ZF2012-01
- Fixed: PayPal Standard does not display on frontend during checkout with some merchant countries
Magento 1.7.0.1 (Jun 20, 2012) -Release Notes
Major Highlights
- Improved the backend configuration UI for PayPal payment solutions
Improvements
- Added the functionality for creating nested field sets in the System configuration
- Implemented the support for the extended and shared configuration fields
- Added the ability to define dependencies between fields from different field sets
Magento 1.7.0.0 (Apr 24, 2012) – Release Notes
Major Highlights
- Optimized Layered Navigation for pricing
- Added CAPTCHA support for admin and customer users
- Added different base price per customer group
- Added auto generation of coupon codes
- Improved the basic Backup and Rollback functionality
- Added EU VAT ID validation service integration
- Implemented DHL for Europe
- Added REST API
- Mobile theme was redesigned
- Implemented the frontend Cookie Restriction functionality (EU cookie law compliance)
- Added the Cash On Delivery and Bank Transfer payment method
Improvements
- XmlConnect package release v22.1
- Upgraded TinyMCE to v3.4.7
- Added the ability to translate action array parameter nodes in the layout.xml
- Added the support for using custom currency symbols
- Added the functionality for cleaning old cache files by cron tasks
- Refactored rules-based modules
- Improved customer address handling for PayPal Express checkout
- Added the ability to customize a store logo in emails from an admin
- Refactored the escaping functionality used for translations
- Added the ability to turn off/on IP tracking (e.g. ‘Placed from IP’, displayed on the order-related pages in the backend)
- Provided the logic for disabling ACL resources in configuration files
- Added additional placeholders for extension developers
Magento 1.6.0.0 (Aug 18, 2011) – Release Notes
Major Highlights
- Minimum Advertised Price
- Persistent Shopping Cart
- Shipping Integration with Label printing support
Improvements
- XmlConnect package release v21
- Order Payment Action for Express Checkout (PayPal)
– Added settings Authorization Honor Period and Order Valid Period into EC tab in the backend
– Automatically new authorize transaction created after order transaction
– Automatically cancel order after the expiration of Order Valid Period
– Automatically authorize transaction void\create after the expiration of Authorization Honor Period - Implemented Authorize.Net ‘hold for review’ status shows up as ‘declined’ in Magento
- Add Dynamic sku option for configurable products
- Moneybookers Multistore System Configuration
- Moneybookers OBT Defaults
- PrototypeJS upgraded to 1.7