Magento Commerce, 1.14.x

Magento 1.x Software Support Notice
For Magento Commerce 1, Magento is providing software support through June 2020. Depending on your Magento Commerce 1 version, software support may include both quality fixes and security patches. Please review our Magento Software Lifecycle Policy to see how your version of Magento Commerce 1 is supported.

Release Notes

Magento Enterprise Edition 1.14.2.2

We are pleased to bring to you Magento Enterprise Edition, 1.14.2.2, which features a bundle of patches that improves the security of your Magento installation.

Important! Use Magento Enterprise 1.14.2.2 or later for all new installations and upgrades to ensure that you have the latest fixes, features, and security updates.

Security Patches

To receive direct notification from our security team regarding any emerging issues and solutions, stop by the Magento Security Center and sign up for the Security Alert Registry. To learn more, see:

If you need additional help installing the upgrade, please open a support ticket from the dashboard of your Magento account.

SUPEE-6788 Patch Bundle

This patch bundle protects your Magento installation against several potential threats, and includes a new Admin Routing Compatibility Mode configuration setting that helps manage the backward compatibility of the patch for extensions and customizations.

Important! This patch breaks backward compatibility, and can impact extensions and customizations.

Admin Routing Compatibility Mode

To help manage the compatibility of extensions and customizations, the following setting has been added to the Admin > Security configuration:

  • Field

    Scope

    Description

    Admin routing compatibility mode for extensions

    Global

    Allows you to verify that all extensions and customizations are compatible before the patch is enabled.

    Enable

    (Default Setting) Partially enables an installed patch to allow extensions or customizations with older modules to continue working in an unsecured state while the code is updated. When all impacted extensions are updated, set Admin Routing to “Disable” to fully enable the security patch.

    Disable

    Fully enables an installed security patch. Any extensions with older modules will not work correctly.

We recommend that you install the patch first in the test environment, and try disabling the compatibility mode. If you discover issues, set Admin Routing Compatibility back to “Enable." If your extensions and customizations work correctly, you can deploy the fully-enabled patch to production. If you discover issues accessing extensions or customizations from the Admin, set Admin Routing Compatibility Mode to “Disable” before deploying the patch to production. Then, update the impacted customizations and extensions as needed.

We urge you to enable Admin Routing Compatibility Mode as soon as possible to protect your installation from automated attacks. To learn more, see the technical details in the Security Center.