Magento keeps on releasing various SUPEE patches and version upgrades in order to provide new features and security upgrades. After the launch of Magento 2, Magento has stopped introducing new features but still, it keeps on releasing patches to safeguard stores against potential threats and security attacks.
Magento has come up with new security patch SUPEE 10415 which is the solution for many vulnerable issues like remote code execution, cross-site scripting, and cross-site request forgery issues. Here, we have come up with patch files to install in your Magento and safeguard your store against potential security threats and vulnerabilities.
Take a note here:
If you have previously applied Magento SUPEE 10266, you can simply upload SUPEE 10415 files on top of it to apply this new version of patch. This will auto-replace all related files.
Magento SUPEE 10415 Installation process:
There are two ways you can install Magento SUPEE 10415: with SSH or without SSH. Both methods are mentioned below:
Install Magento SUPEE 10415 using SSH:
You will need SSH, if you don’t know how to set up SSH, contact your hosting provider.
Upload the patch files in the root,
In ssh console, run the command as follows.
For .sh file extension:
For .patch file extension:
patch —p0 < patch_file_name.patch
Install Magento SUPEE 10415 with PrePatched Files:
Download the zip file for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, just upload it to your Magento root folder.
|Magento version||SUPEE-10415 Version|
Possible Issues You might face while Installing SUPEE 10415:
- After patching Magento SUPEE 10415, saving products in backend causes an error “Unsupported data type N”
The cause of this issue is not having SUPEE-8788 V2 installed.
To fix this, download Magento 126.96.36.199 and copy
files to your website. Check if there are any changes between the files & overwrite them if there are.
- “404: Page Not Found” errors from the errors directory
This only happens if your store has certain third-party extensions.
To fix this, Check & Fix if there are any PHP warning generated by the extensions installed or customizations has been done.
- Double check if your Promotions still work. The deserialisation changes in Rule/Model/Abstract.php can break add to cart actions. (Source)
- Magento has removed Standard PHP Unserialize Method due to Remote Code Execution Vulnerability. Alternative Unserialize Method introduced by Magento is used as shown here:
This will affect all third-party customizations. Serialized EAV Attributes and Price Rules Conditions will be updated with the New Unserialize Method Call.
Do let us know via Comments if you are facing any other error while installing Magento SUPEE 10415. We will help you out fixing them.
We recommend upgrading to Magento version 188.8.131.52 which includes all the security patches including SUPEE 10415. If you need any help regarding Magento version Upgrade, Checkout our Magento Upgrade Service.
We can also help you install SUPEE 10415 professionally, visit: Magento Security Patches Installation Service
Get Weekly Updates
Never miss Magento tips, tricks, tutorials, and news.
Thank you for subscribing.
Something went wrong.