OXID eShop 6.5.3

Release date: 01-08-2023

With OXID eShop 6.5.3 we close a security vulnerability.

The package guzzlehttp/psr7 version 2.4.3 affected by a security vulnerability (NVD - CVE-2022-24775) is no longer included in the OXID eShop EE compilation. The package became part of the EE compilation as a dependency by version 1.0.1 of the Unzer Payment for OXID payment module.

For more informationen, see our Security-Bulletin 2023-002.

Other improvements:

  • With PAYONE 1.9.0, new payment methods are available for selection.

  • With Unzer 1.1.1, the new payment method Unzer Invoice (Paylater) is available. We have also made numerous improvements to the module.

  • Makaira 1.4.5 contains improvements.

We have also improved minor bugs.

Improvements and adjustments

Display changes in the compilation in the metapackage under https://github.com/OXID-eSales/oxideshop_metapackage_ce/compare/v6.5.2…v6.5.3.

Display corrections in the bugtracker under https://bugs.oxid-esales.com/changelog_page.php?version_id=725.

Updated components

We have updated the following components and modules:

Components of the compilation

The compilation contains the following components:

Installation

To install or upgrade, follow the instructions in the Installation section:

New installation
Installing a minor update
Installing a patch update