We are pleased to announce the release of 6.1.9. This is just a maintenance release but upgrade is recommended. 

What's New?
- 44 resolved issues

Netsparker Audit Result
Passed with no exploitable security issues found.

Download: CubeCart-6.1.9.zip

Permalink | 29th August 2017 14:58

We are pleased to announce the release of 6.1.8. This is just a maintenance release but upgrade is recommended. 

What's New?
- 25 resolved issues

Netsparker Audit Result
Passed with no exploitable security issues found.

Download: CubeCart-6.1.8.zip
 

Permalink | 22nd May 2017 15:23

This release came quickly off the back of 6.1.6 with a few stability enhancements over the new CSRF features. 

Please note that if SSL is enabled the admin login to the store will only work under SSL. Standard HTTP login attempts may fail with a CSRF error. This is due to forced secure cookies if SSL is enabled. 

Permalink | 20th April 2017 13:00

We are pleased to announce the immediate availability of 6.1.6. Due to past stability issues with the auto upgrade tool we strongly recommend upgrading manually (see release note 1). 

What's new?

• 52 issues closed
• A number of security patches and enhancements  (release note 2). 
• Ability to edit order payment gateway name
• File size added to file manager
• Invisible Google reCaptcha with skin compatibility checker (release note 3)
• Resend email from email log
• Improved error reporting in debug mode
• Physical & digital items as one product (release note 4)
• Stability enhancements to auto upgrade tool.
• Public folder added to file manager  (release note 5)
• Miscellaneous bug fixes.

Release Notes

1. Manual Upgrade
A bug in a previous release has caused a number of upgrade failures. We are aware of a number of stores running a mixture of code from mismatching versions. These stores may well be "stuck" like this until manually updated. 

2. Security Patches and Enhancements
Our friends at Netsparker have identified a number of CSRF, XSS and directory transversal issues. These have all been patched and more. The default Foundation theme now has CSRF protection for all form data. The admin control panel now has CSRF protection on any GET requests that manipulate data such as delete. From now on CubeCart has continual security auditing powered by Netsparker for which we are very grateful. 

3. Invisible reCaptcha

The default Foundation skin now supports Google Invisible reCaptcha to keep pesky bots and spammers out. We will be happy to integrate this for any of our merchants who has a custom skin who have an active managed technical support account.

4. Physical & digital items as one product
Many will be pleased to hear that CubeCart now supports the ability to have a digital download with the option of being physical too. It's simple just add a product option with a weight greater than zero. For example it would be possible to have an option group of "Format" with attributes "Digital" and "Physical". Just assigned a weight to the "Physical" attribute.

5. Public folder added to file manager
We get a lot of support requests asking why files added to the file manager can't be loaded directly in a browser. The reason for this is that they are protected with the intent to sell them as digital downloads. For those wanting to upload and link to digital files directly a new public folder exists in the file manager which is not protected.  

Permalink | 18th April 2017 12:20