#Magento Patches
The following grid was supplied by John Knowles
Twitter: @knowj
The Grid is here (With living Colour) https://docs.google.com/spreadsheets/d/1MTbU9Bq130zrrsJwLIB9d8qnGfYZnkm4jBlfNaBF19M/edit#gid=0
Blog Post: http://www.wearejh.com/development/security-our-clients-are-fully-patched-are-you/
| Dates | 07/07/2015 | 15/05/2015 | 12/02/2015 | 12/02/2015 | 12/02/2015 | 12/02/2015 | 12/02/2015 | 03/10/2014 | 12/12/2013 | 12/12/2013 | 12/12/2013 | 12/12/2013 | 02/11/2013 | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Version | Release Date | SUPEE-6285 | SUPEE-5994 | SUPEE-5390 | SUPEE-5388 | SUPEE-5346 | SUPEE-5345 | SUPEE-5344 | SUPEE-1533 | SUPEE-2518 | SUPEE-2529 | SUPEE-2530 | SUPEE-2531 | Zend Security Upgrade |
| Enterprise | ||||||||||||||
| 1.14.2.0 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Not Required | Not Required | Not Required | Not Required | Not Required | Not Required | Not Required | |
| 1.14.1.0 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Required | Not Required | Not Required | Not Required | Not Required | Not Required | |
| 1.14.0.1 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Required | Not Required | Not Required | Not Required | Not Required | Not Required | |
| 1.14.0.0 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Required | Not Required | Not Required | Not Required | Not Required | Not Required | |
| 1.13.1.0 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Required | Not Required | Not Required | Not Required | Not Required | Not Required | |
| 1.13.0.2 | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Required | Required | Not Supported | Not Supported | Not Supported | Not Required | |
| 1.12.0.2 | Required | Required | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Not Required | |
| 1.12.0.1 | Required | Required | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.12.0.0 | Required | Required | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.11.1.0 | Required | Required | Not Supported | Not Supported | Required | Not Supported | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.11.0.2 | Required | Required | Not Supported | Not Supported | Required | Not Supported | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.11.0.0 | Required | Required | Not Supported | Not Supported | Required | Not Supported | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.10.1.1 | Required | Required | Not Supported | Unknown | Not Supported | Not Supported | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.10.1.0 | Required | Required | Not Supported | Required | Not Supported | Not Supported | Not Supported | Required | Required | Not Supported | Not Supported | Not Supported | Required | |
| 1.10.0.2 | Required | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Not Supported | Not Supported | Required | |
| 1.10.0.1 | Required | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Not Supported | Not Supported | Required | |
| 1.9.1.1 | Required | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Supported | Required | Not Supported | Not Supported | Required | |
| 1.9.0.0 | Required | Required | Required | Not Supported | Not Supported | Not Supported | Not Supported | Required | Not Supported | No Patch? | No Patch? | Not Supported | Required |
| | | | | | | | | | | | | |
Dates | | 07/07/2015 | 15/05/2015 | 12/02/2015 | 03/10/2014 | 17/01/2014 | | | | | | | |
Version | Release Date | SUPEE-6285 | SUPEE-5994 | SUPEE-5344 | SUPEE-1533 | APPSEC-212 | | | | | | | |
Community | | | | | | | | | | | | | |
1.9.2.0 | 07/07/2015 | Not Required | Not Required | Not Required | Not Required | Not Required | | | | | | | |
1.9.1.1 | 01/05/2015 | Required | Required | Not Required | Not Required | Not Required | | | | | | | |
1.9.1.0 | 24/11/2014 | Required | Required | Required | Not Required | Not Required | | | | | | | |
1.9.0.1 | 15/05/2014 | Required | Required | Required | Required | Not Required | | | | | | | |
1.9.0.0 | 13/05/2014 | Required | Required | Required | Required | Not Required | | | | | | | |
1.8.1.0 | 11/12/2013 | Required | Required | Required | Required | Required | | | | | | | |
1.8.0.0 | 25/09/2013 | Required | Required | Required | Required | Required | | | | | | | |
1.7.0.2 | 05/07/2012 | Required | Required | Required | Required | Required | | | | | | | |
1.7.0.1 | 20/06/2012 | Required | Required | Required | Required | Required | | | | | | | |
1.7.0.0 | 24/04/2012 | Required | Required | Required | Required | Required | | | | | | | |
1.6.2.0 | 11/01/2012 | Required | Required | Required | Required | Required | | | | | | | |
1.6.1.0 | 19/10/2011 | Required | Required | Required | Required | Required | | | | | | | |
1.6.0.0 | 18/08/2011 | Required | Required | Required | Required | Required | | | | | | | |
1.5.1.0 | 26/04/2011 | Required | Required | Required | Required | Required | | | | | | | |
1.5.0.1 | 09/02/2011 | Required | Required | Required | Required | Required | | | | | | | |
1.4.2.0 | 08/12/2010 | Required | Required | Required | Required | Required | | | | | | | |
1.4.1.1 | 26/07/2010 | Required | Required | Required | Required | Required | | | | | | | |
1.4.1.0 | 10/06/2010 | Required | Required | Required | Required | Required | | | | | | | |
1.4.0.1 | 19/02/2010 | Required | Required | Required | Required | Required | | | | | | | |
1.4.0.0 | 12/02/2010 | Required | Required | Required | Required | Required | | | | | | | |
| | | | | | | | | | | | | |
Key | | | | | | | | | | | | | |
Required | | | | | | | | | | | | | |
Not Required | | | | | | | | | | | | | |
Not Supported | | | | | | | | | | | | | |
Magento's SUPEE-6788 patch is a mess for developers. There are a number of breaking changes, affecting 800+ of the most popular extensions and many customizations.
This script attempts to find and automatically resolve major problems from the patch. Details on usage and internals are below, but at a high level:
The analyze step goes through all extensions looking for anything using custom admin routers (the major outdated change), and produces a list of every module affected, the bad XML and PHP code, and exactly what should be changed to resolve it. It also looks at every CMS page, static block, and email template for any blocks or configuration that are not known to be on the new whitelist. All of this is purely informational, to inform you of the state of the Magento installation and what will be involved in fixing it.
The fix step automatically applies as many of the identified changes as it can. Not every possible module and situation can be resolved automatically, but this should save a vast amount of time for the ones that can.
This is not the end-all/be-all solution to fixing conflicts from the patch. It is intended to minimize the time and risk involved in diagnosing and fix SUPEE-6788 patch conflicts for someone already well-versed in Magento development. The information produced will not be accessible to anyone unfamiliar with Magento routing.
If you need help, let us know. Contact details at the bottom.
WARNING: This script is destructive. If you apply the changes, it WILL overwrite existing files with the changes noted. Back up your site before applying any changes, and trial it first on a development copy if at all possible.
- Backup your website.
- Upload fixSUPEE6788.php to {magento}/shell/fixSUPEE6788.php
- To analyze: Run from SSH:
php -f fixSUPEE6788.php -- analyze - To apply changes: Run from SSH:
php -f fixSUPEE6788.php -- fix - To fix missing whitelist entries only: Run from SSH:
php -f fixSUPEE6788.php -- fixWhitelists - Additional option:
recordAffected- If given, two files will be written after running:var/log/fixSUPEE6788-modules.logcontaining all modules affected by the patch, andvar/log/fixSUPEE6788-files.logcontaining all files the script would/did modify. Use this to grab an archive of modified files (tar czf modified.tar.gz -T var/log/fixSUPEE6788-files.log), or weed out any files/modules for the fix whitelist. - Excluding files and modules: If given,
shell/fixSUPEE6788-whitelist-modules.logandshell/fixSUPEE6788-whitelist-files.logwill be loaded, and any files/modules included will be left out of all analysis and fixes. Format should be identical to the files produced byrecordAffected. - Command with options:
php -f fixSUPEE6788.php -- analyze recordAffected
All results are output to screen and to var/log/fixSUPEE6788.log.