July 2024 service packs

  • Updated

The July 2024 Service Pack provides the following items. Any Support Articles are listed at the end of the section.

5.2 Release Notes

Release: 5.2.0.128+sdk

Version 5.2.0.128+sdk replaces version 5.2.0.125+sdk due to a critical vulnerability. This article is updated with version 5.2.0.128+sdk which contains all recent changes and updates.

Important Notes/Breaking Changes

None

Enhancements/Updates

  • Updated the FedEx Rating Service to use REST APIs. FedEx is deprecating their web services on August 30, but you can still use this service as normal before this date. See Create the FedEx carrier record for information.
  • Updated the X-Forwarded-Host header to allow only known hosts.
  • Added OAuth 2.0 authentication to the UPS Rating Service.
  • Added Internal-Only authentication to /api/v2/ShareEntityGenerateFromWebpage.

Database Changes/Updates

No database changes or updates were made for this service pack.

Bug Fixes

  • Addressed a critical security vulnerability that allowed a storefront user to escalate privileges, enabling them to request admin-only APIs.
  • Fixed an error returned on the order status page when an unlogged user shared an entity.
  • Addressed a security vulnerability that allowed improper CKFinder cookie validation.

SDK Downloads

Go to the SDK releases and downloads page to download the current service packs.

Support Articles

None

5.1 Release Notes

Release: 5.1.0.349

Important Notes/Breaking Changes

None

Enhancements/Updates

Database Changes/Updates

No database changes or updates were made for this service pack.

Bug Fixes

None

SDK Downloads

Go to the SDK releases and downloads page to download the current service packs.

Support Articles

None