The Zen Cart development team has released version 1.5.5f
Zen Cart 1.5.5f Released, what’s different?
– Checkout – As a help to people getting PayPal TLS notifications, the CURL Testing tool now reports compatibility with tlstest.paypal.com.
– Checkout – Square Payments support is now built-in. Start taking credit card payments in just 5 minutes! See www.zen-cart.com/partners/square_setup .
– Checkout – FirstData soft-descriptors now optional via module settings.
– Checkout – PayPal – Australia settings explained better in configuration screen.
– Checkout – PayPal IPN-handler posts back over ipnpb URL and now gracefully ignores unrecognized new notification types.
– Checkout – Payeezy module now also accommodates 2-series MC BINs.
– Checkout – Authorize.net AIM – add option to display reason for CVV or date failure.
– Checkout – Authorize.net AIM – improvements to detect always-SSL site configuration.
– Checkout – Credit Card Slamming threshold now customizable via Observer code or plugin.
– Checkout – Internal fix to payment modules to avoid thousands-rounding errors.
– Fix upload-class bug related to filtering desired file-extensions.
– Fix multi-language error (since v155a) in functions_email for PHPMailer.
– Fix possible bug in subdomain handling of secure cookie session handling.
– Fix attribute sort-order rules .
– Fixed – if an invalid or non-existent tax rate was encountered, would get: PHP Warning: A non-numeric value encountered in /includes/functions/functions_taxes.php on line 172.
– Admin: Restored percent calculators on Products Price Manager.
– Admin: Fix a few sanitizer fields to avoid over-cleaning.
– Admin: Update currency-exchange calculators since BOC change.
– Template – Support ISO-8601 style date-of-birth date.
– Template – Compatibility updates to accommodate OnePageCheckout plugin integration .
– Template – Improvements for jQuery conflict prevention, and support older browsers.
– Template – Fix CSS typo in colors.
– Template – hreflang URL correction.
– Template – Fix incorrect use of logo image height .
– Security: CVE-2017-11675 – Low-Risk vulnerability (required your Admin login to be hijacked first). Now prevents exporting to invalid filenames.
– Optimization – Abort ajax requests from spiders.
– Enhancement – Cache-bypass added for certain db queries, so retrieved data is always fresh.
– Utility – Plugin version-check utility optimized to allow specific version-comparisons, and adapt to timeouts more quickly.
We do recommend upgrading and keeping current so you can benefit from these fixes and improvements. Just as important, smaller more frequent upgrades are less risky than bigger upgrades.
Please contact us for upgrade details and pricing.