Magento Hosting Emergency? Learn About Our Magento Hosting Rescue Service! ❯
1 (888) 997-2457 Chat Status Login

    We can help you. Right now.
    Fast growing merchants depend on JetRails for high-stakes hosting. Experience counts. Let's get started.
    Your message has been received, a representative will be contacting you shortly. if you have an emergency, please call us at 1 (888) 997-2457 or email us at [email protected]
    Call us at:1 (888) 997-2457
    LETS TALK

    Magento 2.4.3 and Other Important Magento News

    08/10/2021 • Authored By Robert Rand
    RSS
    Subscribe
    Facebook
    Twitter
    YouTube
    LinkedIn
    Share
    Telegram
    Speak With A Specialist!

    Magento/Adobe Commerce 2.4.3

    …and the long-awaited release of Page Builder for Magento Open Source

    This release includes over 370 fixes to Magento’s core and 33 security enhancements. It addresses almost 290 issues that were being tracked in GitHub. 

    The most important and exciting feature is, by far, Page Builder being added to Magento Open Source as a core bundled extension. Page Builder is now the default content editing tool and promises to allow a more user-friendly experience for creating and editing content via CMS Pages, CMS Blocks, Category Descriptions, and Product Descriptions.

    Other notable improvements include ReCAPTCHA coverage for the Place Order storefront page and payment-related Web APIs. When enabled via the Magento admin, this should add an additional layer of protection against carding attacks, one of the many ways bots cause trouble for eCommerce sites.

    Access the full details on Magento Open Source 2.4.3 at https://devdocs.magento.com/guides/v2.4/release-notes/open-source-2-4-3.html

    Or, the details on Adobe Commerce 2.4.3 at https://devdocs.magento.com/guides/v2.4/release-notes/commerce-2-4-3.html

    Magento/Adobe Commerce 2.4.2-p2 AND 2.3.7-p1

    These security-only patches address a mix of important and critical security issues. If you’re not yet ready to upgrade to 2.4.3, then your best bet is to bring your site up to date with security-only patching as a stopgap measure.

    You can also get more specific information about each respective patch at:

    Magento 2.3.7-p1: https://devdocs.magento.com/guides/v2.3/release-notes/2-3-7-p1.html

    Magento 2.4.2-p2: https://devdocs.magento.com/guides/v2.4/release-notes/2-4-2-p2.html

    Magento 2-Performance-Fixes From The Community

    First up, a solution to resolve an issue in which Redis caching overtaxes resources unnecessarily. In essence, this fix locks the caching process until it’s complete so that new requests to build the cache don’t start while an existing process to build the cache is already underway: https://github.com/maritos/magento2-performance-fixes

    Shout out to Alessando Ronchi, who added this to his list of useful Magento resources at https://github.com/aleron75/mageres, where we came upon it.

    We also noticed a solution to make existing Magento themes like Luma and Hyvä a PWA by adding a service worker to Magento 2 to enable PWA features: https://github.com/monsoonconsulting/magento2-pwa

    Note: As with all code, please review and test thoroughly before deploying to your production environment. 

    PWA Studio 11

    This latest version of PWA Studio includes new wishlist features, initial work to support virtual product types, the ability to add new editable payment methods, accessibility updates, improvements to layered navigation, and more. These updates help to make the Venia theme more polished for merchants that want to invest in a PWA frontend. 

    Learn more about this latest PWA Studio release at: https://github.com/magento/pwa-studio/releases

    Adobe/Magento partners with Walmart

    Walmart has developed some of the most advanced omnichannel software in the world, helping their business service customers across online and in-store sales channels. They have announced that they’re going to be opening up this software for use by Adobe Commerce and Magento Open Source merchants, in partnership with Adobe. 

    For merchants, this may feel like something they’re used to seeing from Amazon, which has opened its data centers (via AWS), payment processing (via Amazon Payments), and fulfillment services (via FBA), just to name a few initiatives that commercialized what were once internal Amazon resources. 

    While these SaaS solutions won’t be officially available to merchants until an undisclosed date in early 2022, we do have insights into what will be offered. For instance, there are expected to be solutions to assist with in-store and curbside pickup, as well as advanced delivery options. Merchants are also expected to have additional options for connecting to Walmart’s marketplace and for warehousing goods in Walmart’s fulfillment centers. 

    To quote Suresh Kumar, Chief Technology Officers and Chief Development Officer of Walmart, “The core mission of helping people save money and live better is at the heart of every idea including Scan & Go and checkout technologies, AI-powered smart substitutions and pickup and delivery…”.

    Getting even more specific, here are some of the features mentioned in the Adobe blog post on this topic:

    Adobe Commerce Magento Open Source Walmart Solutions

    Source: https://blog.adobe.com/en/publish/2021/07/27/adobe-walmart-partner-integrate-fulfillment-technologies-marketplace-adobe-commerce.html

    Pricing for these new offerings is also a big unknown, so it’s not advisable to wait on these solutions to evolve your Magento operations. 

    In the meantime, you can still benefit from a wide range of tried and tested solutions that integrate with Magento. For instance, you can work with 3PLs and fulfillment centers like RubyHas, ShipBob, and ShipMonk that are dedicated to the success of merchants like you. You can use checkout tech like ShipperHQ to offer advanced store/curbside pickup options, and Quivers to add advanced omnichannel experiences to your business operations. You can work with solutions like GoDataFeed or M2EPro to integrate with Walmart’s marketplace.

    Mage-One Patches 50 through 59

    For those using Magento 1, the team at Mage-One has released their next 10 patches. We’ve reported on the first 48 in our article about Magento 1 Security after June 2020. If you have questions about the Mage-One service, please ask your JetRails account representative for more information. In the meantime, here are details on these fresh patches:

    Patch MO-50: Improves PHP5.6 compatibility for unserialization.

    Note: This is not a recommendation to use PHP5.6. Merchants should be running at least PHP7.3. At the time of the writing of this article, only PHP7.3 and up are being supported. PHP 5.6 went end of life at the end of 2019.

    Patch MO-51: Updates phpseclib to version 2.0.32 to fix CVE-2021-30130

    Patch MO-52: Fixes a persisted XSS vulnerability

    Patch MO-53: Restores missing .htaccess files from core automatically.

    Patch MO-54: Improves PHP8 compatibility

    Note: PHP8 was released at the end of 2020. It’s foreseeable that some Magento extensions and other customizations will need adjustments in order to be compatible. Your JetRails account manager can help make sure that your JetRails account is ready for appropriate testing to ensure that your site is compatible before you switch to PHP8 for your production environment. 

    Patch MO-55: Prevents DoS attack via passwords larger than 4k

    Patch MO-56: Stops an admin with permission to import/export data from being able to edit cms pages by injecting an executable file on the server via layout XML.

    Patch MO-57: Addresses arbitrary command execution in Custom Layout Update via block method.

    Patch MO-58: Solves a vulnerability in which arbitrary file deletion in customer media allows remote code execution.

    Patch MO-59: This patch adds brute force attack prevention to the customer login via Frontend and API as well as the admin panel login.

     

    About The Author
    Robert Rand
    Director of Partnerships & Alliances

    Robert is a Magento 1 and 2 Solution Specialist with over a decade of experience in helping merchants benefit from sound ecommerce and digital marketing strategies. He’s highly experienced at harnessing the power of ecommerce technologies and solutions to help businesses of all types and sizes grow and succeed.

    Get A Free Consultation From The JetRails Team

    Need Help With Hosting Support, Security, Scalability, Speed, or Stability?

      More Articles
      Why Improved Import & Export Is Such A Popular Magento 2 Extension
      View Article
      Magento Critical Security Patches 2.4.5-p1 and 2.4.4-p2
      View Article
      Magento 2.4.5 and August 2022 Magento Ecosystem News
      View Article
      © 2023 JetRails.com
      an ADF, Inc. brand.
      All Rights Reserved
      Terms of Service | Privacy Policy
      Solutions
      Magento Managed Hosting Shopware Hosting Magento Hosting Rescue Service Drupal CMS Hosting WordPress High-Stakes Hosting Best Magento Hosting FAQ Magento 1 End of Life Hosting PCI Compliant Hosting Development Hosting Environments
      Tools
      Speed Test Security Audit Load Test Hosting Migrations Hosting Consultations Magento 2FA Extension Mage Cloudflare Extension Find a Magento Agency One-Time Secret
      JetRails
      About Us Blog Partners System Status Knowledge Base Case Studies Podcast Careers Get in Touch
      [email protected] 1 (888) 997-2457
      © 2023 JetRails.com
      an ADF, Inc. brand.
      All Rights Reserved