OXID eShop 6.5.3
Release date: 01-08-2023
With OXID eShop 6.5.3 we close a security vulnerability.
The package guzzlehttp/psr7 version 2.4.3 affected by a security vulnerability (NVD - CVE-2022-24775) is no longer included in the OXID eShop EE compilation. The package became part of the EE compilation as a dependency by version 1.0.1 of the Unzer Payment for OXID payment module.
For more informationen, see our Security-Bulletin 2023-002.
Other improvements:
With PAYONE 1.9.0, new payment methods are available for selection.
With Unzer 1.1.1, the new payment method Unzer Invoice (Paylater) is available. We have also made numerous improvements to the module.
Makaira 1.4.5 contains improvements.
We have also fixed minor bugs.
Improvements and adjustments
Display changes in the compilation in the metapackage under https://github.com/OXID-eSales/oxideshop_metapackage_ce/compare/v6.5.2…v6.5.3.
Display corrections in the bugtracker under https://bugs.oxid-esales.com/changelog_page.php?version_id=725.
Updated components
We have updated the following components and modules:
OXID eShop CE (Update from 6.14.0 to 6.14.1): Changelog 6.14.1
PAYONE (Update from 1.8.0 to 1.9.0): Changelog 1.9.0
Unzer Modul (Update from 1.0.1 to 1.1.1): Changelog 1.1.1
Makaira (Update from 1.4.3 to 1.4.5): Changelog 1.4.5
Components of the compilation
The compilation contains the following components:
OXID eShop CE 6.14.1: Changelog 6.14.0
OXID eShop composer plugin 5.2.2: Changelog 5.2.2
Theme “Flow” 3.8.1: Changelog 3.8.1
Theme “Wave” 1.8.0: Changelog 1.8.0
GDPR Opt-In 2.3.3: Changelog 2.3.3
Klarna 5.5.3: Changelog 5.5.3
OXID Cookie Management powered by usercentrics 1.2.1: Changelog 1.2.1
PAYONE 1.9.0: Changelog 1.9.0
PayPal 6.5.0: Changelog 6.5.0
WYSIWYG Editor + Mediathek 2.4.2: Changelog 2.4.2
Makaira 1.4.5: Changelog 1.4.5
Unzer Payment für OXID 1.1.1 (EE): Changelog 1.1.1
Installation
To install or upgrade, follow the instructions in the Installation section:
New installation
Installing a minor update
Installing a patch update