Yondu

Magento Open Source 2.1.15 2.1.15

No permission to download
We are pleased to present Magento Open Source 2.1.15. This release includes multiple enhancements to product security plus bug fixes and enhancements. Check out the many community-contributed fixes!

Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.

See Magento Security Center for a comprehensive discussion of these issues. All exploitable security issues fixed in this release (2.1.15) have been ported to 2.2.6, 1.14.3.10, and 1.9.3.10, as appropriate.

Highlights
Magento 2.1.15 conrtains 25 security fixes and enhancements. See Magento Security Center for more information.

Fixed issues
In addition to security enhancements, this release contains the following functional fixes.

Installation, configuration, and deployment
  • The Module Manager now correctly displays the list of modules (System > Tools > Web Setup Wizard > Module Manager). Previously, Magento threw an error when you tried to display the module list. Fix submitted by Vijay Golani in pull request 15756. GitHub-15192
Banner
  • Banners are now visible only when their associated rules are applied.
Catalog
  • The Magento\Catalog\Model\ResourceModel\Category\Collection::joinUrlRewrite method now uses the storeId value set on the actual collection of the store rather than the storeId retrieved from the store manager. Fix submitted by Alessandro Pagnin in pull request 13756. GitHub-13704

  • Magento now uses data-container="product-list" instead of data-container="product-grid" when displaying a product list. Fix submitted by Viral Vasara in pull request 15816. GitHub-15319

  • Magento has improved the accuracy of prices requiring more than two digits that are listed on the Product page. Previously, when a product price was represented by more than two digits (for example, $5.43), JavaScript settings always used the rounding logic for two digits only. (For example, the amount 9.4880 was displayed as 9.49.) Fix submitted by Dmytro Cheshun in pull request 15926. GitHub-14249
Cart and checkout
  • The minicart now displays product names that contain special characters. Fix submitted by ampulos in pull request 14665. GitHub-13652
CMS content
  • You can now successfully upload logo images in Internet Explorer. Previously, Magento did not upload the image, but instead displayed this error: Object doesn't support property or method 'set'.

  • CSS minification is now compatible with CSS3 calc() function. GitHub-8552
Customer
  • Magento now preserves the user group ID when using /V1/customers/:customerId (PUT). Previously, Magento set the customer group ID to 1 when you called /V1/customers/:customerId (PUT) and the customer had an assigned group ID. Fix submitted by André Ferraz in pull request 14757. GitHub-14663
Directory
  • Magento now supports Canadian Postal codes without spaces as expected. Fix submitted by Hitesh in pull request 16031. GitHub-13899
Email
  • Administrators can now add a parameter to app/etc/env.php: user_admin_email. This parameter ensures that when a new administrator account is created, Magento sends an email to default store’s email and, if present, to an email address defined in user_admin_email.
Framework
  • Magento now leaves at least one record after cleaning up the changelog tables after restarting MySQL. Previously, the product version_id lost the most recent auro_increment value after restarting MySQL. Fix submitted by Oleksandr Kravchuk in pull request 14471. GitHub-14465

  • Magento now displays custom price symbols as expected. Previously, when a merchant created variations of a configurable product, product prices were not readable if they contained a custom price symbol. Fix submitted by Yaroslav Rogoza in pull request 14471. GitHub-14902


General
  • The product video feature is now GDPR-compliant.

  • Magento now checks that a product is assigned to a specific website in a multistore environment before a customer can write a product review. Previously, a customer could write a review for a product that was not assigned to the store they were logged in to. Fix submitted by afirlejczyk in pull request 14673.

  • The transport event parameter has been changed from type Array() to type DataObject. This is a reversion of a change that was made in an earlier release. Fix submitted by gwharton in pull request 16601. GitHub-10210

  • Merchants can now place an order for a grouped product where the quantity of subproducts is less than one unit. Fix submitted by Yaroslav Rogoza in pull request 15407. GitHub-14692

  • Magento now sets the trigger_recollect attribute back to 0 after collecting total amounts for the quote. Previously, Magento timed out if a customer tried to reload a quote. Fix submitted by Yaroslav Rogoza in pull request 15522. GitHub-9580

  • Magento no longer recalculates prices unnecessarily when refreshing the Catalog page, which has improved product performance. Fix submitted by Jeroen Van Leusden in pull request 15445. GitHub-14941

  • The annotation for the formatDateTime function in the lib/internal/Magento/Framework/Stdlib/DateTime/TimezoneInterface.php file has been corrected. The locale and timezone have been changed to param string|null $locale and @param string|null $timezone. Fix submitted by Vishal Gelani in pull request 15668. GitHub-15668

  • The annotation for the formatDateTime function in the lib/internal/Magento/Framework/Stdlib/DateTime/TimezoneInterface.php file has been corrected. The locale and timezone have been changed to param string|null $locale and @param string|null $timezone. Fix submitted by Vishal Gelani in pull request 15669. GitHub-15601

  • We’ve refactored the JavaScript code in the split.phtml template file for the button widget. Fix submitted by Vijay Golani in pull request 15736. GitHub-15354

  • The misspelling of setCategoryIds has been corrected throughout the code base. Fix submitted by Viral Vasara in pull request 15814.

  • Customers can now successfully download and export PDFs after logging in. Previously, customers were redirected to the Admin when trying to download or export data to a PDF right after logging in. Fix submitted by Sanjay Patel in pull request 15767. GitHub-15510

  • select elements now display with the styles you set in _theme.less as expected. Fix submitted by Hitesh in pull request 15796. GitHub-15608

  • Client-side email validation now works in Internet Explorer 11.x the same way as it does in Chrome. Previously, a leading or trailing space on the following pages resulted in client-side validation failure in Magento stores deployed on Internet Explorer 11.x. Fix submitted by Piyush Dankhara in pull requests 15874 and 16297. GitHub-6058
    • Customer Account Login page email field

    • Customer Account create page

    • Customer Authentication popup when the Allow Guest Checkout is set to No

  • .limiter now has the same parent selectors (similar to .pages) to prevent clashes between styles and layouts. Previously, .limiter was too generic and was used as single selector for floating the element. Fix submitted by Hitesh in pull request 15880. GitHub-15323

  • Changing the @tab-content__border variable now affects on the tabs content border as expected. Fix submitted by Hitesh in pull request 15917. GitHub-14999

  • The Multiple Payment Methods Enabled setting now works as expected. Previously, Magento threw this error when this setting was enabled: Found 3 Elements with non-unique Id. Fix submitted by Viral Vasarain pull request 15834. GitHub-15348

  • Primary buttons now have new LESS variables that permit you to change font-weight, font-size, and font-family without changing default button attributes. Fix submitted by Chirag Matholiya in pull request 16037. GitHub-15832

  • We’ve added a space between the category page and the main footer on pages using a single column layout. Fix submitted by Sanjay Patel in pull request 15727 GitHub-12601

  • Customers can now successfully log in after resetting their password. Previously, Magento displayed this error “You did not sign in correctly or your account is temporarily disabled” even though the new password hash had been updated in the customer entity. Fix submitted by Vishal Gelani in pull request 16255. GitHub-15255


  • The JavaScript code in the app/code/Magento/Tax/view/adminhtml/templates/class/page/edit.phtml file has been refactored to meet Magento coding standards. Fix submitted by Vishal Gelani in pull request 16270. GitHub-15352

  • Magento now correctly aligns page elements on the home page and category page of the Hot Seller section. Fix submitted by Chirag Matholiya in pull request 16287. GitHub-15213



  • Users assigned a Restricted User role no longer receive the message Something went wrong when viewing orders.

  • Magento no longer unnecessarily displays this warning when a customer opens a product page: The property price is not valid. GitHub-7173
Infrastructure
  • The Layout.eventManager now correctly dispatches the layout_render_before events before Magento renders the current layout.
JavaScript
  • The Shipping and Estimate Tax page now correctly displays country, city, and postal code fields. Fix submitted by Vishal Gelani in pull request 16491. GitHub-8222
Newsletter
  • Magento now displays the newsletter subscription confirmation message as expected after a customer clicks the confirmation link in the subscription confirmation email. Fix submitted by Rahul Kachhadiya in pull request 15860. GitHub-14747
Quote
  • Magento no longer throws an error when trying to load the quote item collection using the Magento\Quote\Model\ResourceModel\QuoteItem\Collection::getItems() method. Fix submitted by Neeta Kangiya in pull request 15829.
Sales
  • Magento now supports GNU free fonts in invoice and shipment PDFs. Previously, PDFs containing Arabic, Russian, Greek, Indian, or Thai alphabets did not correctly render those characters. Fix submitted by Ross in pull request 15829. GitHub-9666, GitHub-12323

  • An exported invoice’s CSV file now contains information specific to the selected invoice only. Previously, when you selected Invoices > Export > CSV, and opened the CSV file, the exported file contained information from more than the selected invoice. Fix submitted by Yaroslav Rogoza in pull request 14903.

Search
Sitemap
Swagger
  • The REST API schema is now compatible with search criteria. The searchCriteria parameters builder now contains a zero index to the array signifier, which supports generation of the correct response when a user tests a method with search criteria parameters in Swagger. Fix submitted by Vishal Gelani in pull request 15945. GitHub-11477
Translations
Author
Yondu
Downloads
0
Views
24
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Yondu