Magento is releasing Community Edition 188.8.131.52 today to address issues encountered by some merchants in our October 12 product release. It is critical for all merchants to either upgrade to Community Edition 184.108.40.206 or apply our latest patch, SUPEE-8788, to close several serious security vulnerabilities.
Upgrade or Apply the SUPEE-8788 Patch
The new software is available in the Release Archive of the Community Edition Download Page. If you haven’t upgraded yet, you can skip the release published on October 12, and go directly to Community Edition 220.127.116.11. If you have addressed issues in Community Edition 1.9.3 with a community-created module, such as https://github.com/digitalpianism/bugfixes, we still strongly recommend that you upgrade to the new release.
Community Edition 18.104.22.168 resolve the following issues:
- Search results return all store products
- Some integrations using Magento APIs no longer work
- Bundled product prices do not update
- Store-specific attribute labels disappear
- Auto generated passwords do not work for some customers
- Exceptions appear for stores with disabled breadcrumbs
- Shipping rules may not be calculated correctly in some cases
- PHP warnings occur with the session timestamp variable
- CSRF form key is not changed after logout
- Login attempts log protection table is not cleaned properly
Full details are available in the release notes.
Please install and test the new update in a development environment before putting it into production.