Merge pull request magento-commerce/devdocs/pull/2623 from magento-devdocs/Q4-release-note-update-1025

Adobe Commerce 2.3.7-p2 and 2.4.3-p1 release note update

Author: jfrontain

src/guides/v2.3/release-notes/2-3-7-p1.md

@@ -3,7 +3,7 @@ group: release-notes
 title: Adobe Commerce 2.3.7-p1 Release Notes
 ---
 
-{{ site.data.var.ee }} 2.3.7-p1 is a security-only release that provides 17 security fixes that enhance your Magento 2.3.7 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.3.7-p1 is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
+{{ site.data.var.ee }} 2.3.7-p1 is a security release that provides security fixes that enhance your {{ site.data.var.ee }} 2.3.7 or {{ site.data.var.ce }} 2.3.7 deployment. It provides fixes for vulnerabilities that have been identified in the previous patch release, {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
 
 {:.bs-callout-info}
 
@@ -29,16 +29,16 @@ Seventeen security fixes and one security enhancement are included in this secur
 
 Rate limiting is now built in to Magento APIs to prevent denial-of-service (DoS) attacks. Web APIs now impose restrictions on the size or number of resources (the default limit is set to 20 and can be configured to a different value based on business need) that can be requested by a client. See [Rate limiting]({{page.baseurl}}/get-started/api-security.html#rate-limiting) for information about configuring these restrictions. <!--- MC-35358-->
 
-Security-only patches typically include all hotfixes that have been released for the preceding complete release. However, no hot fixes have been released for {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
+Security patches typically include all hotfixes that have been released for the preceding complete release. However, no hot fixes have been released for {{ site.data.var.ee }} 2.3.7 and {{ site.data.var.ce }} 2.3.7.
 
 ## Known issue
 
 **Issue**:  _Previously placed order price is displayed when a shopper tries to place an order with a different product using the PayPal payment method_. Magento displays an incorrect order price when a shopper tries to use PayPal to pay for an order after first purchasing a different product.  Shoppers can successfully place the first order, but during checkout for the second order,  Magento displays the first order’s total price instead of the second order’s correct total.  See [{{site.data.var.ee}} 2.3.7-p1 known issue: outdated order total for PayPal](https://support.magento.com/hc/en-us/articles/4405999788685-Adobe-Commerce-2-3-7-p1-known-issue-outdated-order-total-for-PayPal). <!--- MC-42674 -->
 
 ## Installation and upgrade instructions
 
-For instructions on downloading and applying security-only patches (including patch 2.4.2-p1), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
+For instructions on downloading and applying security patches (including patch 2.4.2-p1), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
 
 ## More information?
 
-For general information about security-only patches, see the Magento DevBlog post [Introducing the New Security-only Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287).
+For general information about security patches, see [Introducing the New Security Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-Patch-Release/ba-p/141287).

src/guides/v2.3/release-notes/2-3-7-p2.md

@@ -3,29 +3,30 @@ group: release-notes
 title: Adobe Commerce 2.3.7-p2 Release Notes
 ---
 
-{{ site.data.var.ee }} 2.3.7-p2 is a security-only release that provides security fixes that enhance your {{ site.data.var.ee }} 2.3.7 or {{ site.data.var.ce }} 2.3.7 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.3.7-p2 is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.3.7-p1.
+{{ site.data.var.ee }} 2.3.7-p2 is a security release that provides security fixes that enhance your {{ site.data.var.ee }} 2.3.7 or {{ site.data.var.ce }} 2.3.7 deployment. It provides fixes for vulnerabilities that have been identified in the previous release ({{ site.data.var.ee }} 2.3.7-p1).
 
 {:.bs-callout-info}
 PHP 7.3 reaches end of support in December 2021, and {{ site.data.var.ee }} 2.3.x and {{ site.data.var.ce }} 2.3.x reaches end of support in April 2022. **We strongly recommend planning your upgrade now to {{ site.data.var.ee }} 2.4.x or {{ site.data.var.ce }} 2.4.x deployment to help maintain PCI compliance**.
 
 {:.bs-callout-info}
-Quarterly releases may contain backward-incompatible changes (BIC). To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
+Releases may contain backward-incompatible changes (BIC). To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
 
 ## What's in this release?
 
-Six security fixes and several security enhancements are included in this security patch. Only one of these six fixes is an externally reported vulnerability. Fixes for externally reported vulnerabilities are documented in the [Adobe Security Bulletin](https://helpx.adobe.com/security/products/magento/apsb21-86.html).
+This security patch includes:
 
-Security-only patches typically include all hotfixes that have been released for the preceding complete release. This release incorporates the two hotfixes that have been released for {{ site.data.var.ee }} 2.3.7-p1 and {{ site.data.var.ce }} 2.3.7-p1. See [Adobe Commerce 2.3.7-p1 Release Notes]({{page.baseurl}}/release-notes/2-3-7-p1.html) for information about these hotfixes.
+*  All hotfixes that have been released for the preceding patch release
+*  Security enhancements
+*  Six security bug fixes. Only one of these six fixes is an externally reported vulnerability. Fixes for externally reported vulnerabilities are documented in the [Adobe Security Bulletin](https://helpx.adobe.com/security/products/magento/apsb21-86.html).
+*  Bug fixes for the [Klarna](https://docs.magento.com/user-guide/v2.3/payment/klarna.html) and [Vertex](https://docs.magento.com/user-guide/v2.3/tax/vertex.html) vendor-developed extensions.
 
-This release also includes bug fixes for the [Klarna](https://docs.magento.com/user-guide/v2.3/payment/klarna.html) and [Vertex](https://docs.magento.com/user-guide/v2.3/tax/vertex.html) vendor-developed extensions.
+### Hotfixes
 
-### Resolution of known issues in Adobe Commerce 2.3.7-p1
+This release includes the following hotfixes, which address known issues first identified in {{ site.data.var.ee }} 2.3.7-p1:
 
-This release includes fixes for the following known issues, which were first identified in {{ site.data.var.ee }} 2.3.7-p1:
+*  Patch `AC-384__Fix_Incompatible_PHP_Method__2.3.7-p1_ce.patch to address PHP fatal error on upgrade`. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4408021533069-Adobe-Commerce-upgrade-2-4-3-2-3-7-p1-PHP-Fatal-error-Hotfix) Knowledge Base article for information on both patch and issue.
 
-*  *PHP fatal error on upgrade*. This issue was previously addressed by patch `AC-384__Fix_Incompatible_PHP_Method__2.3.7-p1_ce.patch to address PHP fatal error on upgrade`.
-
-*  *Previously placed order price is displayed when a shopper tries to place an order with a different product using the PayPal payment method*. This issue was previously addressed by patch `Adobe Commerce 2.3.7-p1 known issue outdated order total for PayPal`.
+*  Patch `Adobe Commerce 2.3.7-p1 known issue outdated order total for PayPal`. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4405999788685-Adobe-Commerce-2-3-7-p1-known-issue-outdated-order-total-for-PayPal) Knowledge Base article for information on both patch and issue.
 
 ### Security highlights
 
@@ -45,8 +46,8 @@ The unsupported source expression `unsafe-inline` has been removed from the Cont
 
 ## Installation and upgrade instructions
 
-For instructions on downloading and applying security-only patches (including patch 2.3.7-p2), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
+For instructions on downloading and applying security patches (including patch 2.3.7-p2), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
 
 ## More information?
 
-For general information about security-only patches, see the Magento DevBlog post [Introducing the New Security-only Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287).
+For general information about security patches, see [Introducing the New Security Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-Patch-Release/ba-p/141287).

src/guides/v2.4/release-notes/2-4-2-p2.md

@@ -3,17 +3,17 @@ group: release-notes
 title: Adobe Commerce 2.4.2-p2 Release Notes
 ---
 
-{{ site.data.var.ee }} 2.4.2-p2 is a security-only release that provides 18 security fixes that enhance your Magento 2.4.2 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.4.2-p2 provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.4.2 and {{ site.data.var.ce }} 2.4.2.
+{{ site.data.var.ee }} 2.4.2-p2 is a security release that provides 18 security fixes that enhance your Magento 2.4.2 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.4.2-p2 provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.4.2 and {{ site.data.var.ce }} 2.4.2.
 ## What's in this release?
 
 Eighteen security fixes are included in this security patch. See [Adobe Security Bulletin](https://helpx.adobe.com/security/products/magento/apsb21-64.html).
 
-Security-only patches typically include all hotfixes that have been released for the preceding complete release. However, no hot fixes have been released for {{ site.data.var.ee }} 2.4.2 and {{ site.data.var.ce }} 2.4.2.
+Security patches typically include all hotfixes that have been released for the preceding complete release. However, no hot fixes have been released for {{ site.data.var.ee }} 2.4.2 and {{ site.data.var.ce }} 2.4.2.
 
 ## Installation and upgrade instructions
 
-For instructions on downloading and applying security-only patches (including patch 2.4.2-p2), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
+For instructions on downloading and applying security patches (including patch 2.4.2-p2), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
 
 ## More information?
 
-For general information about security-only patches, see the Magento DevBlog post [Introducing the New Security-only Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287).
+For general information about security patches, see [Introducing the New Security Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-Patch-Release/ba-p/141287).

src/guides/v2.4/release-notes/2-4-3-p1.md

@@ -3,22 +3,25 @@ group: release-notes
 title: Adobe Commerce 2.4.3-p1 Release Notes
 ---
 
-{{ site.data.var.ee }} 2.4.3-p1 is a security-only release that provides seven security fixes that enhance your {{ site.data.var.ee }} 2.4.3 or {{ site.data.var.ce }} 2.4.3 deployment. Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release provides. Patch 2.4.3-p1 provides fixes for vulnerabilities that have been identified in our previous quarterly release, {{ site.data.var.ee }} 2.4.3 and {{ site.data.var.ce }} 2.4.3.
+{{ site.data.var.ee }} 2.4.3-p1 is a security release that provides seven security fixes that enhance your {{ site.data.var.ee }} 2.4.3 or {{ site.data.var.ce }} 2.4.3 deployment. It provides fixes for vulnerabilities that have been identified in the previous release ({{ site.data.var.ee }} 2.4.3 and {{ site.data.var.ce }} 2.4.3).
 
 {:.bs-callout-info}
-Quarterly releases may contain backward-incompatible changes (BIC). To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
+Releases may contain backward-incompatible changes (BIC). To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
 
 ## What's in this release?
 
-Seven security fixes and several security enhancements are included in this security patch. Only one of these seven fixes is an externally reported vulnerability. Fixes for externally reported vulnerabilities are documented in the [Adobe Security Bulletin](https://helpx.adobe.com/security/products/magento/apsb21-86.html).
+This security patch includes:
 
-Security-only patches typically include all hotfixes that have been released for the preceding complete release. This release incorporates the two hot fixes that have been released for {{ site.data.var.ee }} 2.4.3 and {{ site.data.var.ce }} 2.4.3. See [Adobe Commerce 2.4.3 Release Notes]({{page.baseurl}}/release-notes/commerce-2-4-3.html) for information about these hotfixes.
+*  All hotfixes that have been released for the preceding patch release
+*  Security enhancements
+*  Seven security bug fixes. Only one of these seven fixes is an externally reported vulnerability. Fixes for externally reported vulnerabilities are documented in the [Adobe Security Bulletin](https://helpx.adobe.com/security/products/magento/apsb21-86.html).
+*  Bug fixes for the [Braintree](https://docs.magento.com/user-guide/payment/braintree.html), [Klarna](https://docs.magento.com/user-guide/payment/klarna.html#changes-in-the-latest-release), and [Vertex](https://docs.magento.com/user-guide/tax/vertex.html#changes-in-the-latest-release) vendor-developed extensions.
 
-This release also includes bug fixes for the [Braintree](https://docs.magento.com/user-guide/payment/braintree.html), [Klarna](https://docs.magento.com/user-guide/payment/klarna.html#changes-in-the-latest-release), and [Vertex](https://docs.magento.com/user-guide/tax/vertex.html#changes-in-the-latest-release) vendor-developed extensions.
+### Hotfixes
 
-### Resolution of known issues in Adobe Commerce 2.4.3
+This release includes the following hotfix:
 
-This release includes a fix for the PHP fatal error on upgrade known issue, which was first identified in {{ site.data.var.ee }} 2.4.3 or {{ site.data.var.ce }} 2.4.3. This issue was previously addressed by patch `AC-384__Fix_Incompatible_PHP_Method__2.3.7-p1_ce.patch to address PHP fatal error on upgrade`.
+*  Patch `AC-384__Fix_Incompatible_PHP_Method__2.3.7-p1_ce.patch to address PHP fatal error on upgrade`. See the [Adobe Commerce upgrade 2.4.3, 2.3.7-p1 PHP Fatal error Hotfix](https://support.magento.com/hc/en-us/articles/4408021533069-Adobe-Commerce-upgrade-2-4-3-2-3-7-p1-PHP-Fatal-error-Hotfix) Knowledge Base article for information on both patch and issue.
 
 ### Security highlights
 
@@ -34,8 +37,8 @@ The unsupported source expression `unsafe-inline` has been removed from the Cont
 
 ## Installation and upgrade instructions
 
-For instructions on downloading and applying security-only patches (including patch 2.4.3-p1), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
+For instructions on downloading and applying security patches (including patch 2.4.3-p1), see [Quick start install]({{site.baseurl}}/guides/v2.4/install-gde/composer.html).
 
 ## More information?
 
-For general information about security-only patches, see the Magento DevBlog post [Introducing the New Security-only Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287).
+For general information about security patches, see [Introducing the New Security Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-Patch-Release/ba-p/141287).

src/guides/v2.4/release-notes/commerce-2-4-1.md

@@ -13,11 +13,11 @@ All known issues identified in Magento 2.4.0 have been fixed in this release.
 
 Quarterly releases may contain backward-incompatible changes (BIC). Magento 2.4.1 contains minor backward-incompatible changes. To review minor backward-incompatible changes, see [BIC reference]({{page.baseurl}}/release-notes/backward-incompatible-changes/reference.html). (Major backward-incompatible issues are described in [BIC highlights]({{page.baseurl}}/release-notes/backward-incompatible-changes/index.html). Not all releases introduce major BICs.)
 
-## Security-only patch available
+## Security patch available
 
-Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release (for example, Magento 2.4.0-p1) provides. Patch 2.4.0.1 (Composer package 2.4.0-p1) is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, Magento 2.4.0. All hot fixes that were applied to the 2.4.0 release are included in this security-only patch. (A *hot fix* provides a fix to a released version of Magento that addresses a specific problem or bug.)
+Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release (for example, Magento 2.4.0-p1) provides. Patch 2.4.0.1 (Composer package 2.4.0-p1) is a security patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, Magento 2.4.0. All hot fixes that were applied to the 2.4.0 release are included in this security patch. (A *hot fix* provides a fix to a released version of Magento that addresses a specific problem or bug.)
 
-For general information about security-only patches, see the Magento DevBlog post [Introducing the New Security-only Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-only-Patch-Release/ba-p/141287). For instructions on downloading and applying security-only patches (including patch 2.3.5-p2), see [Install Magento using Composer]({{page.baseurl}}/install-gde/composer.html). Security-only patches include security bug fixes only, not the additional security enhancements that are included in the full patch.
+For general information about security patches, see [Introducing the New Security Patch Release](https://community.magento.com/t5/Magento-DevBlog/Introducing-the-New-Security-Patch-Release/ba-p/141287). For instructions on downloading and applying security patches (including patch 2.3.5-p2), see [Install Magento using Composer]({{page.baseurl}}/install-gde/composer.html). Security patches include security bug fixes only, not the additional security enhancements that are included in the full patch.
 
 ## Other release information