Today Magento released the SUPEE-11219 security patch for Magento 1.x versions, along with Magento Commerce 1.14.4.3 and Magento Open Source 1.9.4.3. Across its offerings, Magento provides either a version upgrade or, as a bare minimum, a security patch. The new release includes fixes for multiple confirmed critical security issues as well as functional fixes.
The new security patch Magento SUPEE-11219, Magento Commerce 1.14.4.3 and Magento Open Source 1.9.4.3 contain multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
Detailed information on all the changes in the new 1.14.4.3 and 1.9.4.3 releases is available in the Magento Commerce and Magento Open Source release notes.
Patches and upgrades are available for the following Magento versions:
– Magento Commerce 1.9.0.0-1.14.4.1: SUPEE-11219 or upgrade to Magento Commerce 1.14.4.3.
– Magento Open Source 1.5.0.0-1.9.4.1: SUPEE-11219 or upgrade to Magento Open Source 1.9.4.3.
Install Magento SUPEE-11219 using SSH:
You need to have SSH access to perform these methods. Contact your hosting provider if you don’t know how to set up SSH.
Download Magento SUPEE-11219 Patch files for your Magento Version from here.
Upload the patch into your Magento root directory and run the appropriate SSH command:
For .sh file extension: sh patch_file_name.sh
Example: sh PATCH_SUPEE-11219_CE_1.9.4.1_v4-2019-10-08-04-30-12.sh
For .patch file extension: patch -p0 < patch_file_name.patch
Note: Once the patch has been installed or reverted, refresh the cache in the Admin under “System > Cache Management” so that the changes can be reflected. We strongly recommend that you test all patches in a test environment before taking them live.
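To confirm whether the patch is currently installed or has been reverted, the following added example (not part of the original post and not Magento's own code) reads the patch log in the Magento root. It assumes the .sh patch files append one "|"-separated line per run to app/etc/applied.patches.list and mark revert runs with "REVERTED"; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Magento's code): report whether a SUPEE patch is currently
# applied to a Magento 1.x tree, taking earlier reverts into account.
# Assumption: each run of a .sh patch file appends one "|"-separated line to
# app/etc/applied.patches.list, and a revert run's line ends in "REVERTED".

# supee_status MAGENTO_ROOT PATCH_ID  ->  applied | reverted | missing | no-log
supee_status() {
    log="$1/app/etc/applied.patches.list"
    if [ ! -f "$log" ]; then
        echo "no-log"
        return 0
    fi
    # Keep the last line that has PATCH_ID as an exact field, so that
    # SUPEE-1121 does not match SUPEE-11219.
    last=$(awk -F'|' -v id="$2" '
        { for (i = 1; i <= NF; i++) {
              f = $i; gsub(/^[ \t]+|[ \t]+$/, "", f)
              if (f == id) last = $0 } }
        END { print last }' "$log")
    case "$last" in
        "")          echo "missing" ;;
        *REVERTED*)  echo "reverted" ;;
        *)           echo "applied" ;;
    esac
}

# Constructed sample log: applied, reverted, then applied again.
supee_demo() {
    root=$(mktemp -d)
    mkdir -p "$root/app/etc"
    cat > "$root/app/etc/applied.patches.list" <<'EOF'
2019-10-09 09:00:00 UTC | SUPEE-11219 | CE_1.9.4.1 | v4 | constructed
2019-10-09 09:30:00 UTC | SUPEE-11219 | CE_1.9.4.1 | v4 | constructed | REVERTED
2019-10-09 10:00:00 UTC | SUPEE-11219 | CE_1.9.4.1 | v4 | constructed
EOF
    supee_status "$root" "SUPEE-11219"
    rm -rf "$root"
}

# Usage: sh supee_status.sh /path/to/magento [PATCH_ID]
if [ "$#" -ge 1 ]; then
    supee_status "$1" "${2:-SUPEE-11219}"
fi
```

A result of "missing" or "no-log" on a store that was upgraded to 1.9.4.3 or 1.14.4.3 rather than patched is expected, since the upgrade does not go through the patch file.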
Ideally, you should have your developer apply the patches. Alternatively, you can get in touch with us and we will apply them for you. (Note: We will back up your site before applying the patches and ask you to check and confirm that all is well. If not, the best we can do is to roll back the patches and do the fix.)