While there are no confirmed attacks related to these vulnerabilities to date, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. We recommend that you upgrade your existing Magento software to the latest version as soon as possible.
Come to this newest version of Magento, users can experience 15 security enhancements and 1 prominent function.
Highlights
Various high priority and essential security issues get solved:These critical issues include remote code execution for authenticated Admin users, access control bypass, and cross-site request forgery issues.
Reversion of the changes to image resizing that we introduced in 2.1.6Certain image resizing changes introduced unanticipated problems. We have reverted these changes in this release, and will provide improvements to image resizing in a future product update.
How to upgrade your current version to be compatible with magento 2.1.7
- 2.1.0 - 2.1.5:
no action anymore
- 2.1.6 without image resizing hot fix (CE-MAGETWO-67805.patch and EE-MAGETWO-67805.patch)
After upgrading, run the following command
bin/magento catalog:images:resize command
- 2.1.6 with image resizing hot fix (CE-MAGETWO-67805.patch and EE-MAGETWO-67805.patch)
1. Delete the image resizing patch before upgrading to 2.1.7
2. After upgrading, run the following command:
bin/magento catalog:images:resize
Note: As of June 30, 2017, MasterCard may fine merchants who do not support cards that use their recently expanded range of BIN numbers. Transactions for customers that use cards with these new BINs will fail if your software does not support these new BIN numbers. If you are running Magento 2.1.3 or later, your Magento software already provides support for these new BINs.
System requirements
Technology stack is built on PHP and MySQL.
Install Magento Software
You can get Magento Community Edition 2.1 from Github, Composer, or using a compressed archive.
Get the Magento CE software using Composer
The CE software is available from coderepo.magento.com. Before getting the CE software, familiarize yourself with the Composer metapackage prerequisites, then run
composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition="version" "installation_directory_name"
where "version" is 2.1.0, 2.1.1, and so on
Get a compressed archive
This kind of installation is the same as almost of Magento Themes that you get from ThemeForest Porfolios. There are 2 ways of Installation:
- Option 1: QuickStart Installation
- Option 2: Manual Installation
QuickStart Installation helps users have the same website as the providers' demo. All the thing you have to do is to import the sample data. This way is suitable for the individuals who have the first try of Magento.
Manual Installation is used when you have your own data and you do not want to overwrite it.
NOTE: Archives are available in the following formats: .zip, .tar.bz2, .tar.gz
If you still have problems, see this video to have visually details
MagenTech has recently upgraded almost of Magento 2 Themes to be compatible with The Latest version of Magento 2.1.7. Check them and have amazing time of using this HOT UPDATE!
