Yesterday (February 23, 2016) I received a notification about a new Version of the patch SUPEE-7405. At first I was a little confused as I applied this patch back in January.
What is changed in this new version?
As I understand there are no new security issues is just to make additional fixes to the security issues that were patch with V1.0. Is this correct?
So basically, the updated version of the patch fixes some of the issues it brought (see details here: Security Patch SUPEE-7405 - possible problems?)
The SUPEE-7405 v 1.1 patch bundle includes the following:
Cart Merge Patch (SUPEE-7978)
Carts with identical items now merge correctly. Previously, when a cart with one item was merged with another cart that contained the same item, Magento did not merge the cart totals correctly. The cart now includes only one item, and the total is correct.
SOAP API Patch (SUPEE-7822)
The Magento SOAP API now works as expected. Previously after installing the SUPEE-7405 v1.0 patch, an API request would cause a 500 error, and Magento would log an exception.
PHP 5.3 Compatibility (SUPEE-7882)
The patch was not compatible with PHP 5.3 for earlier versions of Magento that were still supporting this version. Merchants experiencing this issue were unable to view sales information in the Admin.
Upload File Permissions
The patch restores less restrictive file permissions (0666 for files and 0777 for directories) as more strict permissions introduced by the original SUPEE-7405 patch caused many merchants not to be able to view uploaded product images, depending on hosting provider configuration.
Technical Details After Digging Into The Patch
[] has been properly replaced with array() in Mage_Adminhtml_Helper_Sales to fix the PHP < 5.4 backward incompatibility_makeEventsLowerCase function of Mage_Core_Model_Config now accepts any Varien_Simplexml_Config as second parameter instead of Mage_Core_Model_Config_Base to fix the 500 SOAP API issue.Varien_File_Uploader permissions have been rolled back to 666 for files (640 with patch V1) and 777 for folders (750 with patch V1) to fix the file upload issues.app/code/core/Mage/Sales/Model/Quote/Item.php to fix the quote items not merged correctly bug it seems like it does not fully address the issue. Fabian Schmengler made the following comment about it:It still does not fix the issue properly. The problem is, the buyRequest option is compared when checking for equality. Changed session => item treated as different. Remaining problem:
related_productsis an empty array for products added via product page and not present when added via list. Also, any arbitrary user POST data is in thebuyRequestoption, so you can actively prevent merging. Removing&& !$item->getProduct()->hasCustomOptions()from thecompare()method worked great for me so far.
List of files affected
app/code/core/Mage/Adminhtml/Helper/Sales.php
app/code/core/Mage/Core/Model/Config.php
app/code/core/Mage/Sales/Model/Quote/Item.php
lib/Varien/File/Uploader.php
Important notes
Useful links
