There were no new M1 version released by Magento/Adobe for this update, so the latest Magento 1.9.4.5 should be patched with SUPEE-11346.
OpenMage LTS released v19.4.4 and v20.0.0 with this patch included.
Note: Install this and any other missing patches with our Magento patch installation service or upgrade to OpenMage LTS v19.4.15 (released on August 26, 2021).
Download SUPEE-11346
You can download SUPEE-11346 for your Magento version below, just right click and select “Save file as” from the table below.What is changed with SUPEE-11346
It is probably the smallest patch for M1. Known issues are not expected with SUPEE-11346 as it changes just a three lines of code in 3 files (filtered user input, sanitizedunserialize()
call and protected `entity_type_id` on attribute save):
diff --git app/code/core/Mage/Adminhtml/Block/Widget/Form.php app/code/core/Mage/Adminhtml/Block/Widget/Form.php index 2c4b3ffdc70..598c1eea8ba 100644 --- app/code/core/Mage/Adminhtml/Block/Widget/Form.php +++ app/code/core/Mage/Adminhtml/Block/Widget/Form.php @@ -190,7 +190,7 @@ class Mage_Adminhtml_Block_Widget_Form extends Mage_Adminhtml_Block_Widget 'label' => $attribute->getFrontend()->getLabel(), 'class' => $attribute->getFrontend()->getClass(), 'required' => $attribute->getIsRequired(), - 'note' => $attribute->getNote(), + 'note' => $this->escapeHtml($attribute->getNote()), ) ) ->setEntityAttribute($attribute); diff --git app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php index b39d034ed7d..8cb73a0ff8b 100644 --- app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php +++ app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php @@ -288,6 +288,10 @@ class Mage_Adminhtml_Catalog_Product_AttributeController extends Mage_Adminhtml_ $data['apply_to'] = array(); } + if ($model) { + $data['entity_type_id'] = $model->getEntityTypeId(); + } + //filter $data = $this->_filterPostData($data); $model->addData($data); diff --git app/code/core/Mage/Eav/Model/Attribute.php app/code/core/Mage/Eav/Model/Attribute.php index 0d3db560fcf..f0dc25343e8 100644 --- app/code/core/Mage/Eav/Model/Attribute.php +++ app/code/core/Mage/Eav/Model/Attribute.php @@ -116,7 +116,7 @@ abstract class Mage_Eav_Model_Attribute extends Mage_Eav_Model_Entity_Attribute if (is_array($rules)) { return $rules; } else if (!empty($rules)) { - return unserialize($rules); + return Mage::helper('core/unserializeArray')->unserialize($rules); } return array(); }
Download SUPEE-11346
Magento version | SUPEE-11346 | MD5 checksum |
---|---|---|
Magento CE 1.5.1.0 | SUPEE-11346 1.5.1.0 | 5dcb7b0fa3257b0dcf22b7051b86845c |
Magento CE 1.6.2.0 | SUPEE-11346 1.6.2.0 | 9eaaee24db2789451644cc49b8b5e778 |
Magento CE 1.7.0.2 | SUPEE-11346 1.7.0.2 | 49c7fae28bea8d3280f5e39482d92488 |
Magento CE 1.8.0.0 | SUPEE-11346 1.8.0.0 | 6c4ed32de2a6ea5b01d6a906aa7a3932 |
Magento CE 1.8.1.0 | SUPEE-11346 1.8.1.0 | 28a5f171668d4c818d4cdcf92d301db2 |
Magento CE1.9.0.0- 1.9.0.1 | SUPEE-11346 1.9.0.1 | 11f620147e735a629db9d916ffce5948 |
Magento CE 1.9.1.0 | SUPEE-11346 1.9.1.0 | 72ed54551f38ed4b8e41754f963f9151 |
Magento CE 1.9.1.1 | SUPEE-11346 1.9.1.1 | 7cbaf3e9548e280d36b47b295945d56c |
Magento CE 1.9.2.0-1.9.2.4 | SUPEE-11346 1.9.2.4 | 4862d55093f785429ce4479c2990466e |
Magento CE 1.9.3.0-1.9.4.4 | SUPEE-11346 1.9.4.4 | f5fe5c35b2e7356f2e843a6ec314d371 |
Magento CE 1.9.4.5 | SUPEE-11346 1.9.4.5 | 46d62cc1eda4a4adc86b048d66994b2b |
OpenMage v19.4.3 | SUPEE-11346 1.9.4.5 | 46d62cc1eda4a4adc86b048d66994b2b |
OpenMage v19.4.5 | the patch is already included |