I had this one email and am surprised it isnt here on the forum,
BUt I get this error when trying to download the fix
any one else have problems
I had this one email and am surprised it isnt here on the forum,
BUt I get this error when trying to download the fix
any one else have problems
Hi johnbol1
I hope you have had some luck downloading the security fix.
I had to fetch mine from help centre but had no luck
trying to upload it ( cscart_v4.15.1.SP3 ) from my PC.
ErrorUnable to read package schema (schema.json)
So...I followed Step 2.
Find the "Security Fixes for 4.6.1 - 4.15.x" add-on in the "Updates" folder in the File Area in Help Desk. Download it and install the add-on from the archive. This add-on closes multiple security vulnerabilities in CS-Cart and Multi-Vendor 4.x.x.
Installed this add on but not sure if it alone did the trick because I still can't upload the fix
( cscart_v4.15.1.SP3 ) from PC.
Hi.
I can confirm that the email is legit. With security issues, we normally go “emails first, forum second” because of 2 reasons:
- Not everyone who uses CS-Cart uses the forum. This community is a very small part of CS-Cart user base.
- Someone who doesn’t use CS-Cart might still be using the forum to keep track of news, security issues included.
We had to temporarily pause the updates to 4.15.1.SP3, because despite our efforts to make the upgrade as hassle-free as possible, the SP still had compatibility issues with some third-party add-ons and themes. We’ll soon provide a solution that works better with the third-party add-ons and themes you might have.
The “Cannot download the upgrade package” issue may have occurred because the Upgrade Center received information that SP3 was available, whereas the updates were already paused. In such cases. The best way to check is to click the gear button and choose “Refresh available upgrades”. If the upgrade disappears
Do you mean that the following hasn’t offered me any protection ?
Find the “Security Fixes for 4.6.1 - 4.15.x” add-on in the “Updates” folder in the File Area in Help Desk. Download it and install the add-on from the archive. This add-on closes multiple security vulnerabilities in CS-Cart and Multi-Vendor 4.x.x.
Do you mean that the following hasn't offered me any protection ?
I can't download SP3. See below. What's up?
[attachment=15593:cannot-download.jpg]
We put the SP3 on hold because it caused issues with third-party add-ons and themes (such as the popular UniTheme 2). We've fixed those issues with SP4, and will soon make the official announcement in a separate topic.
P.S. I've also changed the name of this topic, so that it wouldn't compete with the official announcement.
There's now [url=https://forum.cs-cart.com/topic/67769-critical-security-issue-in-cs-cart-and-multi-vendor-461-4151/#entry352903]another topic that has more up-to-date info on this matter[/url].