Magento keeps releasing security patches on regular intervals to keep your Magento stores safe against vulnerability and threats. Owing to this, today Magento released Magento SUPEE 11219 along with the Magento 126.96.36.199 version which provides resolution to multiple critical security issues. These security enhancements help secure your Magento stores from remote code execution, cross-site scripting, cross-site request forgery, and other vulnerabilities.
We recommend all the Magento 1.x users to upgrade to the latest Magento 188.8.131.52 or install the patch Magento security patch 11219 to secure your Magento stores from potential threats.
- Remote code execution via file upload in admin import feature
- Remote code execution via crafted support configuration modification
- Remote code execution via product layout update
- Insufficient logging and monitoring of configuration changes
- Cross-Site Scripting via WYSIWYG editor
- Sensitive information available in HTTP requests
Methods to Install Magento SUPEE 11219:
Each method in detail,
Contact your hosting provider for help with setting up SSH.
Download Magento SUPEE 11219 Patches files for your Magento Version from here.
Upload the patch into your Magento root directory and run the appropriate SSH command:
For .sh file extension:
For .patch file extension:
patch —p0 < patch_file_name.patch
For Linux OS or Ubuntu derived machines:
On Linux OS or Ubuntu derived machines, using sh will throw an error as sh is supposed to be used only with purely POSIX compliant scripts and Magento scripts are not 100% POSIX compliant. Instead, on Ubuntu and derived OSes such as Linux Mint, you should use
Note: Once executed the command, refresh the cache in the Admin under “System > Cache Management” so that the changes can be reflected. We strongly recommend that you test all patches in a test environment before taking them live.
Download the zip file for your Magento version. You can also download these PrePatched files from Github. Once you download these files, just upload it to your Magento root folder.
|Magento version||SUPEE 11219|
|Magento 184.108.40.206||Download CE-220.127.116.11|
|Magento 18.104.22.168||Download CE-22.214.171.124|
|Magento 126.96.36.199||Download CE-188.8.131.52|
|Magento 184.108.40.206||Download CE-220.127.116.11|
|Magento 18.104.22.168||Download CE-22.214.171.124|
|Magento 126.96.36.199||Download CE-188.8.131.52|
|Magento 184.108.40.206||Download CE-220.127.116.11|
|Magento 18.104.22.168 – Magento 22.214.171.124||Download CE-126.96.36.199 – CE-188.8.131.52|
|Magento 184.108.40.206||Download CE-220.127.116.11|
|Magento 18.104.22.168||Download CE-22.214.171.124|
|Magento 126.96.36.199||Download CE-188.8.131.52|
|Magento 184.108.40.206||Download CE-220.127.116.11|
How to check if Magento SUPEE 11219 has been installed correctly?
Check if the steps to install Magento SUPEE 11219 has been implemented correctly or not using magereport.com
Another way to check for the patches installed is, using SSH. Every installed patch can be found in your store content specifically logged in to app/etc/applied.patches.list.
So you can use the ‘grep’ command to access the list:
grep ‘|' app/etc/applied.patches.list
You’ll get output like this:
SUPEE-11219_CE_18.104.22.168 | CE_22.214.171.124 | v4 | a7bbf3ed17e3cf723cbc5e01720856190d22c71b | Wen Oct 09 10:21:14 2019 +0300 | ce-126.96.36.199-dev
How to revert a patch if you are facing any issue?
Run the following SSH Command to revert your patch.
sh patch-file-name.sh -R
For both the above methods, if you face any difficulties in the Magento SUPEE patch installation, feel free to post them in the Comments section below. I’ll help you out. Don’t forget to comment down your Magento version along with the issue to help you out quicker and better.
Follow Magento StackExchange to find the possible issues related to Magento SUPEE 11219 and their solutions.
We highly recommend upgrading your Magento to the latest version Magento 188.8.131.52 which includes all the security patches including SUPEE 11219. If you need any help regarding Magento Version Upgrade, Checkout our Magento Upgrade Service.
We can also help you install Magento SUPEE 11219 professionally, visit our Magento Security Patches Installation Service.
With nearing of Magento 1 end of life, we recommend you to migrate your older Magento 1.x stores to the latest Magento 2.3.3 version and enjoy the latest features such as Page Builder, PWA Studio, and much more. If you are not much a Magento 2 guy, have a look at our Magento 2 Migration Service to get our professional help in the Magento 1 to Magento 2 migration.