Post by wafflemeister » Tue Oct 08, 2019 8:43 am

Hi,

I was wondering if there is a security patch for 1.5.6.4 that I could install rather than have to upgrade for now? If not, I would be interested in consulting and hiring someone who could manually fix known security vulnerabilities.

Thank you.

Sevan

New member

Posts

Joined
Fri Jun 21, 2013 11:10 pm

Post by IP_CAM » Tue Oct 08, 2019 3:47 pm

You could send me an email, and I will give you the details on this.
Ernie
ernst@jacob.ch

Please don't send me OC Forum Personal Messages, just contact: jti@jacob.ch
---
OC 1.5.6.5 LIGHT Test Site: http://www.bigmax.ch/shop/
OC 1.5.6.5 V-PRO Test Site: http://www.openshop.li/shop/
My Github OC Site: https://github.com/IP-CAM
2'600+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by johnp » Tue Oct 08, 2019 4:36 pm

I would upgrade to 1.5.6.5. Much easier. :)

Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD 2.6.1 lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk


User avatar
Active Member

Posts

Joined
Fri Mar 25, 2011 10:25 am
Location - Surrey, UK

Post by ADD Creative » Tue Oct 08, 2019 11:42 pm

I don't believe the the unofficial versions of 1.5.6.5 will contain all the latest security patches. There have been vulnerabilities reported this year that will affect 1.5.x versions. Please correct me if I am wrong.

I help maintain a fork of OpenCart 1.5.5 on GitHub with the latest patches and about 300+ other bug fixes. Haven't done 1.5.6 yet as it's mainly 1.5.5 with OpenBay (may have its own extra issues) and a few payment modules added.

www.add-creative.co.uk


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by IP_CAM » Wed Oct 09, 2019 2:55 am

I don't believe the the unofficial versions of 1.5.6.5 will contain all the latest security patches
That's partly correct, at least, when it comes small changes, like placing an INT in
places like here:
OLD:

Code: Select all

		if (isset($this->request->get['page'])) {
			$page = $this->request->get['page'];
		} else {
			$page = 1;
NEW:

Code: Select all

		if (isset($this->request->get['page'])) {
			$page = (int)$this->request->get['page'];
		} else {
			$page = 1;
Ernie

Please don't send me OC Forum Personal Messages, just contact: jti@jacob.ch
---
OC 1.5.6.5 LIGHT Test Site: http://www.bigmax.ch/shop/
OC 1.5.6.5 V-PRO Test Site: http://www.openshop.li/shop/
My Github OC Site: https://github.com/IP-CAM
2'600+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by johnp » Wed Oct 09, 2019 3:13 am

You know your stuff Ernie. :)

Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD 2.6.1 lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk


User avatar
Active Member

Posts

Joined
Fri Mar 25, 2011 10:25 am
Location - Surrey, UK

Post by ADD Creative » Wed Oct 09, 2019 5:40 am

If you are referring to https://github.com/opencart/opencart/issues/7218. That's not a security issue, just preventing warnings added to PHP 7.1.

www.add-creative.co.uk


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by IP_CAM » Wed Oct 09, 2019 8:07 am

Well, whatever shows up, not supposed to exist by default, is an error to me ... :laugh:
But it's officially confirmed, and that's all, what counts! ;)

And to work with PHP7+, the 1.5.6.x system/library/encryption.php file needs to replaced,
like in OC2+ Versions too, it's exactly the same file, just to have this mentioned too: ;)
viewtopic.php?f=202&t=206794&p=733801#p733629
Ernie

Please don't send me OC Forum Personal Messages, just contact: jti@jacob.ch
---
OC 1.5.6.5 LIGHT Test Site: http://www.bigmax.ch/shop/
OC 1.5.6.5 V-PRO Test Site: http://www.openshop.li/shop/
My Github OC Site: https://github.com/IP-CAM
2'600+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 61 guests