Exciting news for the Magento community as Magento Commerce 2.2.5 was recently released. This release includes multiple enhancements to product security plus bug fixes and enhancements. Check out the over 150 community-contributed fixes!
Although this release includes these security enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.
What’s new for Magento 2.2.5?
- Enhancements that help close stored XSS, SQL injection, and cross-site request forgery (CSRF) vulnerabilities.
- Resolution of issues that customers were experiencing when upgrading to Magento 2.2.4 in deployments that span multiple websites. Magento multi-store installations were not using the store view-specific values from the store configuration settings if these settings differed from the global default configuration settings. Instead, Magento used the default configuration for all store views.
- Substantial improvements to indexing performance.
- Over 150 community contributions.
- Improvements to core bundled extensions.
Core Code Improvements:
- Merchants can now run the catalog search full text indexer and category product indexer in parallel mode by store view. Refactoring of the catalog full text indexer has improved indexing performance up to 15% for very large profiles (600,000 products) and product catalogs with many configurable options (5,000 configurable products and 500 options).
- Improving the behavior of swatch product attributes search result page performance up to 31% for catalogs with many configurable product options.
- To improve checkout flow and the sorting of simple products Community contribution made some fixes
- Customers can now create an account from the Order Confirmation page.
- Magento now correctly applies coupon codes that exclude bundle products.
This release of Magento Shipping adds the following:
- With core returns, merchants can select carriers to use for returns and send a return label along with forward fulfillment.
- Batch processing increases automation and merchant efficiency by making it easier to process a large volume of shipments in batches.
- Collection points provide the ability for customers to designate a drop point rather than residence for delivery by carrier.
This release of Magento Shipping also includes additional minor enhancements, such as pagination to improve the Admin experience and multi version API.
Catalog Search Improvements:
Merchants can now run the catalog search full text indexer and category product indexer in parallel mode by store view. When you import new products using a CSV file, Magento no longer lists as in stock any products whose CSV values indicate that they should be represented as out-of-stock.
Improvements to Indexing Performance:
The search indexer is now scoped and multi threaded, which improves layered navigation, search, and indexing actions for complex sites with multiple store views and shared catalogs.
Improved the performance of editing or saving products in large categories (more than 18,000 products per category).
Improvements to Bundle products:
You can now successfully delete an option from a bundle product. Magento now correctly applies coupon codes that exclude bundle products. Previously, Magento applied these coupons but did not exclude bundle products as expected.
Enhancements to the newly integrated Tax Calculation Extension:
Merchants can now create a Vertex invoice refund as expected after an order has been canceled. The correct tax amount is now included as expected in the Order Total that is listed under the Order Summary section of the Orders page. Improved the performance of the Admin Create Order and Performance Compare Report in Plain Text – Catalog (server side) actions. Customers no longer receive a notice about negative tax amount after a merchant creates a refund on Vertex Cloud.
Need help in upgrading your Magento site or extensions to the latest Magento release? E-mail us at email@example.com or send a request for a Free Quote today through our website.