S

SUPEE-10570v2

SUPEE-10570v2 is the second version of SUPEE-10570 patch. The second version was released on March 28, 2018 to fix issue that could result in the inability of customers to complete checkout when trying to register during checkout.

SUPEE-10570v2 no longer causes this issue. Note, however, that this new patch no longer protects against two low risk session handling-related security issues that patch SUPEE-10570 protected against.

If you have not yet applied SUPEE-10570, do not apply it, but instead patch your store with SUPEE-10570v2. If you have already applied SUPEE-10570, please first uninstall SUPEE-10570, then install SUPEE-10570v2. All stores should be patched with SUPEE-10570v2 as Magento will use this patch as a base for future patch versions.

To install SUPEE-10570v2 please refer to the following articles: or use our patch installation service.

The difference between SUPEE-10570 and SUPEE-10570v2 is one line in app/code/core/Mage/Core/Model/Session/Abstract/Varien.php:
diff --git app/code/core/Mage/Core/Model/Session/Abstract/Varien.php app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
index 59b3ea8..35155f1 100644
--- app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
+++ app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
@@ -485,7 +485,7 @@ class Mage_Core_Model_Session_Abstract_Varien extends Varien_Object
             && isset($validatorData[self::VALIDATOR_PASSWORD_CREATE_TIMESTAMP])
             && isset($sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP])
             && $validatorData[self::VALIDATOR_PASSWORD_CREATE_TIMESTAMP]
-            > $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP] - $this->getCookie()->getLifetime()
+            > $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP]
         ) {
             return false;
         }
SUPEE-10570v2
0 votes, 0.00 avg. rating (0% score)