From 285538de4599ad9d407958b75b8bab6a80d49af5 Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Tue, 7 May 2024 13:41:21 +0200 Subject: [PATCH 1/6] Release notes for PrestaShop 8.1.6 --- .../prestashop-8-1-6-maintenance-release.md | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 content/news/releases/prestashop-8-1-6-maintenance-release.md diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md new file mode 100644 index 0000000000..81eb8cbdba --- /dev/null +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -0,0 +1,41 @@ +--- +layout: post +title: PrestaShop 8.1.6 Is Available +subtitle: Security patch for version 8.1 of PrestaShop +date: 2024-05-07 09:00:00 +authors: [ PrestaShop ] +image: /assets/images/2024/05/banner_8.1.6_1200x627.png +opengraph_image: /assets/images/2024/05/banner_8.1.6_1200x627.png +twitter_image: /assets/images/2024/05/banner_8.1.6_1024x512.png +icon: icon-leaf +tags: +- version +- patch +- releases +- "8.1" +- "8.1.x" +- "security" +--- + +A new patch version for PrestaShop 8.1 is now available. This maintenance release fixes 2 security issues. + +![8.1.6 is available!](/assets/images/2024/05/banner_8.1.6_1534x424.png) + +The security patch for version 8.1 of PrestaShop is now available. It is recommended that you upgrade your shop quickly in order to benefit from these fixes. Of course, don’t forget to create a backup before. You can upgrade to the latest version using the [1-Click Upgrade module](https://github.com/PrestaShop/autoupgrade/releases/). There are no database changes in this release. + +You can see a full changelog on the [release page](https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6). + +## Security fixes + +Two security issue were fixed in this release. If you want to learn more about the details of these issues you can visit the PrestaShop Security Advisories pages: + +- [XSS via customer contact form in FO, through file upload](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78) +- [Anonymous customer can download other customers's invoices](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g) + +## Download + +{{< cta "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6" >}}Download PrestaShop 8.1.6 now!{{< /cta >}} + +Since version 8.1.6 is a "patch" update, upgrading from previous 8.1.x versions should happen without any issues. As for every upgrade, it's highly recommended to do a full manual backup beforehand. + +If you encounter any problems during the upgrade that, in your opinion, are not caused by third-party modules or modifications used in your shop, [submit a bug report](https://www.prestashop-project.org/get-involved/report-issues/). From 2a94854b634e011ea8a4db977e182e8174609dff Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Tue, 14 May 2024 17:14:00 +0200 Subject: [PATCH 2/6] banners are not ready just yet --- .../releases/prestashop-8-1-6-maintenance-release.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md index 81eb8cbdba..917f5f7533 100644 --- a/content/news/releases/prestashop-8-1-6-maintenance-release.md +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -2,11 +2,11 @@ layout: post title: PrestaShop 8.1.6 Is Available subtitle: Security patch for version 8.1 of PrestaShop -date: 2024-05-07 09:00:00 +date: 2024-05-14 09:00:00 authors: [ PrestaShop ] -image: /assets/images/2024/05/banner_8.1.6_1200x627.png -opengraph_image: /assets/images/2024/05/banner_8.1.6_1200x627.png -twitter_image: /assets/images/2024/05/banner_8.1.6_1024x512.png +#image: /assets/images/2024/05/banner_8.1.6_1200x627.png +#opengraph_image: /assets/images/2024/05/banner_8.1.6_1200x627.png +#twitter_image: /assets/images/2024/05/banner_8.1.6_1024x512.png icon: icon-leaf tags: - version @@ -19,7 +19,7 @@ tags: A new patch version for PrestaShop 8.1 is now available. This maintenance release fixes 2 security issues. -![8.1.6 is available!](/assets/images/2024/05/banner_8.1.6_1534x424.png) + The security patch for version 8.1 of PrestaShop is now available. It is recommended that you upgrade your shop quickly in order to benefit from these fixes. Of course, don’t forget to create a backup before. You can upgrade to the latest version using the [1-Click Upgrade module](https://github.com/PrestaShop/autoupgrade/releases/). There are no database changes in this release. From 23bed409ab612abced9a94afd06e293d3e912207 Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Tue, 14 May 2024 17:19:59 +0200 Subject: [PATCH 3/6] credits to vulnerabilities reporters --- content/news/releases/prestashop-8-1-6-maintenance-release.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md index 917f5f7533..85781a76aa 100644 --- a/content/news/releases/prestashop-8-1-6-maintenance-release.md +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -29,8 +29,8 @@ You can see a full changelog on the [release page](https://github.com/PrestaShop Two security issue were fixed in this release. If you want to learn more about the details of these issues you can visit the PrestaShop Security Advisories pages: -- [XSS via customer contact form in FO, through file upload](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78) -- [Anonymous customer can download other customers's invoices](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g) +- [XSS via customer contact form in FO, through file upload](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78) - thank you to Ayoub Ait Elmokhtar for the report +- [Anonymous customer can download other customers's invoices](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g) - thank you to Samuel Bodevin for the report ## Download From a44ea5c6f9972625dceecb07862be35936b40f67 Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Tue, 14 May 2024 17:58:02 +0200 Subject: [PATCH 4/6] Apply suggestions from code review Co-authored-by: Patrick Coffre <103060695+coffrep@users.noreply.github.com> --- content/news/releases/prestashop-8-1-6-maintenance-release.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md index 85781a76aa..288d306f85 100644 --- a/content/news/releases/prestashop-8-1-6-maintenance-release.md +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -27,10 +27,10 @@ You can see a full changelog on the [release page](https://github.com/PrestaShop ## Security fixes -Two security issue were fixed in this release. If you want to learn more about the details of these issues you can visit the PrestaShop Security Advisories pages: +Two security issues were fixed in this release. If you want to learn more about the details of these issues you can visit the PrestaShop Security Advisories pages: - [XSS via customer contact form in FO, through file upload](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78) - thank you to Ayoub Ait Elmokhtar for the report -- [Anonymous customer can download other customers's invoices](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g) - thank you to Samuel Bodevin for the report +- [Anonymous customer can download other customers' invoices](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g) - thank you to Samuel Bodevin for the report. ## Download From e15e48e20467c782fe96ca3496a4b64218b708a6 Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Wed, 15 May 2024 09:36:20 +0200 Subject: [PATCH 5/6] changed date --- content/news/releases/prestashop-8-1-6-maintenance-release.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md index 288d306f85..1a808bd72f 100644 --- a/content/news/releases/prestashop-8-1-6-maintenance-release.md +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -2,7 +2,7 @@ layout: post title: PrestaShop 8.1.6 Is Available subtitle: Security patch for version 8.1 of PrestaShop -date: 2024-05-14 09:00:00 +date: 2024-05-15 09:00:00 authors: [ PrestaShop ] #image: /assets/images/2024/05/banner_8.1.6_1200x627.png #opengraph_image: /assets/images/2024/05/banner_8.1.6_1200x627.png From a2073c7288ff82d1dcb0b7b9cd3c95d948478411 Mon Sep 17 00:00:00 2001 From: Krystian Podemski Date: Wed, 15 May 2024 09:36:49 +0200 Subject: [PATCH 6/6] Update prestashop-8-1-6-maintenance-release.md --- content/news/releases/prestashop-8-1-6-maintenance-release.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/news/releases/prestashop-8-1-6-maintenance-release.md b/content/news/releases/prestashop-8-1-6-maintenance-release.md index 1a808bd72f..b57d1cb8b8 100644 --- a/content/news/releases/prestashop-8-1-6-maintenance-release.md +++ b/content/news/releases/prestashop-8-1-6-maintenance-release.md @@ -2,7 +2,7 @@ layout: post title: PrestaShop 8.1.6 Is Available subtitle: Security patch for version 8.1 of PrestaShop -date: 2024-05-15 09:00:00 +date: 2024-05-15 authors: [ PrestaShop ] #image: /assets/images/2024/05/banner_8.1.6_1200x627.png #opengraph_image: /assets/images/2024/05/banner_8.1.6_1200x627.png