Skip to content
This repository was archived by the owner on Nov 19, 2024. It is now read-only.

Commit 81fbbf3

Browse files
authored
Merge pull request #2494 from magento-devdocs/2.4.3-release-note-update-hotfix-MC-43059
Adobe Commerce 2.4.3 and 2.3.7-p1 release note for hotfix MC-43059
2 parents 27a36c4 + e3ba2b0 commit 81fbbf3

File tree

5 files changed

+40
-10
lines changed

5 files changed

+40
-10
lines changed

src/_data/toc/release-notes.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ pages:
1414
- label: Adobe Commerce 2.4.3 Release Notes
1515
url: /release-notes/commerce-2-4-3.html
1616

17-
- label: Magento 2.4.2-p2 Release Notes
17+
- label: Adobe Commerce 2.4.2-p2 Release Notes
1818
url: /release-notes/2-4-2-p2.html
1919

2020
- label: Magento Open Source 2.4.2 Release Notes
@@ -46,7 +46,7 @@ pages:
4646
- label: Component Status
4747
url: /release-notes/component-status.html
4848

49-
- label: 2.3.7-p1 Release Notes
49+
- label: Adobe Commerce 2.3.7-p1 Release Notes
5050
url: /release-notes/2-3-7-p1.html
5151

5252
- label: Magento Open Source 2.3.7 Release Notes

src/guides/v2.3/release-notes/2-3-7-p1.md

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,27 @@
11
---
22
group: release-notes
3-
title: Magento 2.3.7-p1 Release Notes
3+
title: Adobe Commerce 2.3.7-p1 Release Notes
44
---
55

6-
Magento 2.3.7-p1 is a security-only release that provides 17 security fixes that enhance your Magento 2.3.7 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.3.7-p1 is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
6+
{{ site.data.var.ee }} 2.3.7-p1 is a security-only release that provides 17 security fixes that enhance your Magento 2.3.7 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.3.7-p1 is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
77

88
{:.bs-callout-info}
99

1010
PHP 7.3 reaches end of support in December 2021, and Adobe Commerce 2.3.x reaches end of support in April 2022. **We strongly recommend planning your upgrade now to Adobe Commerce 2.4.x or Magento Open Source 2.4.x and PHP 7.4.x to help maintain PCI compliance**.
1111

1212
## Apply MC-43048__set_rate_limits__2.3.7-p1.patch to address issue with API rate limiting
1313

14-
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093)Knowledge Base article.
14+
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in an array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or {{ site.data.var.ee }} 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093) Knowledge Base article.
15+
16+
## Apply AC-384__Fix_Incompatible_PHP_Method__2.3.7-p1_ce.patch to address PHP fatal error on upgrade
17+
18+
The following fatal error can occur during upgrade to {{ site.data.var.ee }} 2.3.7-p1:
19+
20+
```terminal
21+
PHP Fatal error: Uncaught Error: Call to undefined function Magento\Framework\Filesystem\Directory\str_contains() in [...]/magento/vendor/magento/framework/Filesystem/Directory/DenyListPathValidator.php:74
22+
```
23+
24+
This error results from the use of the `str_contains` function, which is an PHP 8.x function. {{ site.data.var.ee }} 2.3.7-p1 does not support PHP 8.x. This hotfix replaces this function with a supported PHP 7.x function. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4408021533069-Adobe-Commerce-upgrade-2-4-3-2-3-7-p1-PHP-Fatal-error-Hotfix) Knowledge Base article.
1525

1626
## What's in this release?
1727

src/guides/v2.3/release-notes/bk-release-notes.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ title: 2.3 Release Information
55

66
## Magento 2.3.x Release Notes
77

8-
* [Magento 2.3.7-p1 Release Notes]({{page.baseurl}}/release-notes/2-3-7-p1.html)
8+
* [{{site.data.var.ee}} 2.3.7-p1 Release Notes]({{page.baseurl}}/release-notes/2-3-7-p1.html)
99

1010
* [{{site.data.var.ce}} 2.3.7 Release Notes]({{page.baseurl}}/release-notes/open-source-2-3-7.html)
1111
* [{{site.data.var.ee}} 2.3.7 Release Notes]({{page.baseurl}}/release-notes/commerce-2-3-7.html)

src/guides/v2.4/release-notes/commerce-2-4-3.md

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,14 +10,24 @@ This release includes over 370 new fixes to core code and 33 security enhancemen
1010
{:.bs-callout-info}
1111
Quarterly releases may contain backward-incompatible changes (BIC). {{ site.data.var.ee }} 2.4.3 contains minor backward-incompatible changes. To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
1212

13-
See [Adobe Commerce 2.4.2-p2 release notes]({{page.baseurl}}/release-notes/2-4-2-p2.html) for information about Magento 2.4.2-p2.
13+
See [Adobe Commerce 2.4.2-p2 release notes]({{page.baseurl}}/release-notes/2-4-2-p2.html) for information about {{ site.data.var.ee }} 2.4.2-p2.
1414
## Other release information
1515

1616
Although code for these features is bundled with quarterly releases of the Magento core code, several of these projects (for example, B2B, Page Builder, and Progressive Web Applications (PWA) Studio) are also released independently. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project.
1717

1818
## Apply MC-43048__set_rate_limits__2.4.3.patch to address issue with API rate limiting
1919

20-
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093)Knowledge Base article.
20+
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in an array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093) Knowledge Base article.
21+
22+
## Apply AC-384__Fix_Incompatible_PHP_Method__2.4.3_ce.patch to address PHP fatal error on upgrade
23+
24+
The following fatal error can occur during upgrade to {{ site.data.var.ee }} 2.4.3:
25+
26+
```terminal
27+
PHP Fatal error: Uncaught Error: Call to undefined function Magento\Framework\Filesystem\Directory\str_contains() in [...]/magento/vendor/magento/framework/Filesystem/Directory/DenyListPathValidator.php:74
28+
```
29+
30+
This error results from the use of the `str_contains` function, which is an PHP 8.x function. {{ site.data.var.ee }} 2.4.3 does not support PHP 8.x. This hotfix replaces this function with a supported PHP 7.x function. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4408021533069-Adobe-Commerce-upgrade-2-4-3-2-3-7-p1-PHP-Fatal-error-Hotfix) Knowledge Base article.
2131

2232
## Highlights
2333

src/guides/v2.4/release-notes/open-source-2-4-3.md

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,15 +12,25 @@ This release includes over 370 new fixes to core code and 33 security enhancemen
1212
{:.bs-callout-info}
1313
Quarterly releases may contain backward-incompatible changes (BIC). {{ site.data.var.ce }} 2.4.2 contains minor backward-incompatible changes. To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
1414

15-
See [Adobe Commerce 2.4.2-p2 release notes]({{page.baseurl}}/release-notes/2-4-2-p2.html) for information about Magento 2.4.2-p2.
15+
See [Adobe Commerce 2.4.2-p2 release notes]({{page.baseurl}}/release-notes/2-4-2-p2.html) for information about {{ site.data.var.ee }} 2.4.2-p2.
1616

1717
## Other release information
1818

1919
Although code for these features is bundled with quarterly releases of the Magento core code, several of these projects (for example, Progressive Web Applications (PWA) Studio) are also released independently. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project.
2020

2121
## Apply MC-43048__set_rate_limits__2.4.3.patch to address issue with API rate limiting
2222

23-
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093)Knowledge Base article.
23+
This hotfix provides a solution for the issue where Web APIs cannot process requests that contain more than 20 items in an array. This issue affects deployments running {{ site.data.var.ce }} 2.4.3, {{ site.data.var.ee }} 2.4.3, or Magento 2.3.7-p1. Built-in rate limiting was added to these releases to prevent denial-of-service (DoS) attacks, and the default maximum was set to 20. This patch reverts the default limit to a higher value. If you suspect that your store is experiencing a DoS attack, Adobe recommends lowering the default input limits to a lower value to restrict the number of resources that can be requested. See the [Web API unable to process requests with more than 20 items in array](https://support.magento.com/hc/en-us/articles/4406893342093) Knowledge Base article.
24+
25+
## Apply AC-384__Fix_Incompatible_PHP_Method__2.4.3_ce.patch to address PHP fatal error on upgrade
26+
27+
The following fatal error can occur during upgrade to {{ site.data.var.ce }} 2.4.3:
28+
29+
```terminal
30+
PHP Fatal error: Uncaught Error: Call to undefined function Magento\Framework\Filesystem\Directory\str_contains() in [...]/magento/vendor/magento/framework/Filesystem/Directory/DenyListPathValidator.php:74
31+
```
32+
33+
This error results from the use of the `str_contains` function, which is an PHP 8.x function. {{{ site.data.var.ce }} 2.4.3 does not support PHP 8.x. This hotfix replaces this function with a supported PHP 7.x function. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4408021533069-Adobe-Commerce-upgrade-2-4-3-2-3-7-p1-PHP-Fatal-error-Hotfix) Knowledge Base article.
2434

2535
## Highlights
2636

0 commit comments

Comments
 (0)