Release notes Shopware 6.6.10.3

Abstract

This patch release contains security fixes. It is recommended to update your system as soon as possible!

System requirements

• tested on PHP 8.2 and 8.3
• tested on MySQL 8 and MariaDB 10.11

Fixed bugs

• Blind SQL-injection in DAL aggregations
• Broken ACL on Document retrieval to access other customers documents
• Denial Of Service via password length
• Check for registered accounts through the store-api
• Default newsletter opt-in settings allow for mass sign-up abuse

More resources

• Detailed diff on Github to the former version
• Changelog on GitHub for this version.
• Installation overview
• Update from a previous installation

Get in touch

Discuss about decisions, bugs you might stumble upon, etc in our community slack. See you there 😉