FEB 28 2018

How to install SUPEE-10570

February 27, 2018: Community Edition 1.9.3.8 and SUPEE-10570 Security Enhancements – 02/27/2018.
New SUPEE-10570 patch can be downloaded as usual from Downloads page: https://magento.com/tech-resources/download#download2164 or installed as a regular Magento upgrade via Downloader (it is included in Magento 1.9.3.8 version). You can install it in the same way as previous patches or by upgrading to Magento 1.9.3.8. To apply the patch you need SSH access (shell access actually, SSH is just most used way to get shell access) to the server. If you have no SSH access, you can refer to How to apply SUPEE-10570 without SSH. If you wish to save time and have us to install these patches for you, simply click here to order installation.

Step 0: Preparations

Note: Make sure to Disable Magento Compiler at System > Configuration > Tools > Magento Compiler and clear compiled cache.

Step 1: Verify your Magento version

$ grep -A6 'static function getVersionInfo' app/Mage.php
    public static function getVersionInfo()
    {
        return array(
            'major'     => '1',
            'minor'     => '9',
            'revision'  => '3',
            'patch'     => '6',
As you can see in the example, it is Magento 1.9.3.6

Step 2: Download corresponding patch

The patch should be downloaded from https://magento.com/tech-resources/download#download2164 Make sure to get the right file corresponding to your Magento version.

Step 3: Place patches into Magento Root directory

Upload your files into Magento root directory. It is important to place patch files directly into Magento root directory and execute it also directly in Magento root directory.
$ ls -1 .
PATCH_SUPEE-10570_CE_v1.9.3.7_v1-2018-02-23-06-01-40.sh
app
cron.php
downloader
errors
favicon.ico
index.php
js
lib
mage
media
pkginfo
robots.txt
shell
skin
var
 

Step 4: Run the patches

$ bash ./PATCH_SUPEE-10570_CE_v1.9.3.7_v1-2018-02-23-06-01-40.sh
Checking if patch can be applied/reverted successfully...
Patch was applied/reverted successfully.
 

Step 5: Verification and flush of Magento PHP opcode cache

Flush Magento caches: Navigate in Magento backend to System > Cache Management and flush Magento cache and CSS/JS caches. If you use PHP opcode caches (OPCache/APC/XCache/eAccelerator) make sure to flush it after patching (or restart webserver), otherwise code will continue to run from caches. Test that your store is working. Test Checkout process.

Known issues

Patch fails to apply while patching lib/Zend/Mail/Transport/Sendmail.php
Your Magento installation is likely patched previously with SUPEE-9652 v1 instead of SUPEE-9652 v2. The recommended solution is to revert patch SUPEE-9652v1 and apply SUPEE-9652v2 prior to applying SUPEE-10570.
HTML tags are not allowed in SKU attribute
If you try to create or edit a product in the Admin panel and the product’s SKU attribute value contains HTML tags, Magento throws this error when you try to save the product: HTML tags are not allowed in SKU attribute. If you have any difficulties with applying the patches please let us know in comments, so we can find the solution together.  

Posted in: Magento Maintenance

How to install SUPEE-10570
39 votes, 5.00 avg. rating (99% score)
  • Matt

    Is anyone having issues with the patch failing block.php ? this is Magento Community Edition 1.9.2.4?

    checking file app/code/core/Mage/Admin/Model/Resource/Block.php
    Hunk #1 succeeded at 34 with fuzz 2 (offset -5 lines).
    Hunk #2 FAILED at 77.
    Hunk #3 succeeded at 48 with fuzz 2 (offset -57 lines).
    1 out of 3 hunks FAILED

    • Piers

      Hi Matt,

      Yes, just got this when installing on a 1.9.2.4 store.

      We found that the following files were missing from the install:

      app/code/core/Mage/Admin/Helper/Block.php
      app/code/core/Mage/Admin/Helper/Variable.php

      So, we downloaded an original 1.9.2.4 and added the files to our install from this download. Also, these files needed replacing with originals from a downloaded original 1.9.2.4:

      app/code/core/Mage/Admin/Model/Resource/Block.php
      app/code/core/Mage/Admin/Model/Resource/Variable.php
      app/code/core/Mage/Admin/Model/Block.php
      app/code/core/Mage/Admin/Model/Variable.php

      The store we were patching had been around a number of agencies in its past, so not sure what caused this, but it patches successfully now.

      Hope this helps.
      Piers

      • Matt

        Hi Piers,

        That was a great help, thank you for the tip.

        I’ve managed to get the patch to install perfectly fine now.

        Matt