Magento Open Source 2.1.15 Release Notes
- Highlights
- Fixed issues
- Community contributions
- System requirements
- Installation
- Migration toolkits
- Credits
Patch code and release notes were published on September 18, 2018.
We are pleased to present Magento Open Source 2.1.15. This release includes multiple enhancements to product security plus bug fixes and enhancements. Check out the many community-contributed fixes!
Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.
See Magento Security Center for a comprehensive discussion of these issues. All exploitable security issues fixed in this release (2.1.15) have been ported to 2.2.6, 1.14.3.10, and 1.9.3.10, as appropriate.
Highlights
Magento 2.1.15 contains 25 security fixes and enhancements. See Magento Security Center for more information.
Fixed issues
In addition to security enhancements, this release contains the following functional fixes.
Installation, configuration, and deployment
- The Module Manager now correctly displays the list of modules (System > Tools > Web Setup Wizard > Module Manager). Previously, Magento threw an error when you tried to display the module list. Fix submitted by Vijay Golani in pull request 15756. GitHub-15192
Banner
- Banners are now visible only when their associated rules are applied.
Catalog
- The
Magento\Catalog\Model\ResourceModel\Category\Collection::joinUrlRewrite
method now uses thestoreId
value set on the actual collection of the store rather than thestoreId
retrieved from the store manager. Fix submitted by Alessandro Pagnin in pull request 13756. GitHub-13704
- Magento now uses
data-container="product-list"
instead ofdata-container="product-grid"
when displaying a product list. Fix submitted by Viral Vasara in pull request 15816. GitHub-15319
- Magento has improved the accuracy of prices requiring more than two digits that are listed on the Product page. Previously, when a product price was represented by more than two digits (for example, $5.43), JavaScript settings always used the rounding logic for two digits only. (For example, the amount 9.4880 was displayed as 9.49.) Fix submitted by Dmytro Cheshun in pull request 15926. GitHub-14249
Cart and checkout
- The minicart now displays product names that contain special characters. Fix submitted by ampulos in pull request 14665. GitHub-13652
CMS content
- You can now successfully upload logo images in Internet Explorer. Previously, Magento did not upload the image, but instead displayed this error:
Object doesn't support property or method 'set'
.
- CSS minification is now compatible with CSS3
calc()
function. GitHub-8552
Customer
- Magento now preserves the user group ID when using
/V1/customers/:customerId
(PUT). Previously, Magento set the customer group ID to 1 when you called/V1/customers/:customerId
(PUT) and the customer had an assigned group ID. Fix submitted by André Ferraz in pull request 14757. GitHub-14663
Directory
- Magento now supports Canadian Postal codes without spaces as expected. Fix submitted by Hitesh in pull request 16031. GitHub-13899
- Administrators can now add a parameter to
app/etc/env.php: user_admin_email
. This parameter ensures that when a new administrator account is created, Magento sends an email to default store’s email and, if present, to an email address defined inuser_admin_email
.
Framework
- Magento now leaves at least one record after cleaning up the changelog tables after restarting MySQL. Previously, the product
version_id
lost the most recentauro_increment
value after restarting MySQL. Fix submitted by Oleksandr Kravchuk in pull request 14471. GitHub-14465
- Magento now displays custom price symbols as expected. Previously, when a merchant created variations of a configurable product, product prices were not readable if they contained a custom price symbol. Fix submitted by Yaroslav Rogoza in pull request 14471. GitHub-14902
- Magento now correctly aligns submenus. Fix submitted by Dmytro Cheshun in pull request 15714. GitHub-7897
- Magento now supports Malaysian locales. Fix submitted by Dmytro Cheshun in pull request 15927. GitHub-14089
General
- The product video feature is now GDPR-compliant.
- Magento now checks that a product is assigned to a specific website in a multistore environment before a customer can write a product review. Previously, a customer could write a review for a product that was not assigned to the store they were logged in to. Fix submitted by afirlejczyk in pull request 14673.
- The
transport
event parameter has been changed from typeArray()
to typeDataObject
. This is a reversion of a change that was made in an earlier release. Fix submitted by gwharton in pull request 16601. GitHub-10210
- Merchants can now place an order for a grouped product where the quantity of subproducts is less than one unit. Fix submitted by Yaroslav Rogoza in pull request 15407. GitHub-14692
- Magento now sets the
trigger_recollect
attribute back to 0 after collecting total amounts for the quote. Previously, Magento timed out if a customer tried to reload a quote. Fix submitted by Yaroslav Rogoza in pull request 15522. GitHub-9580
- Magento no longer recalculates prices unnecessarily when refreshing the Catalog page, which has improved product performance. Fix submitted by Jeroen Van Leusden in pull request 15445. GitHub-14941
- The annotation for the
formatDateTime
function in thelib/internal/Magento/Framework/Stdlib/DateTime/TimezoneInterface.php
file has been corrected. Thelocale
andtimezone
have been changed toparam string|null $locale
and@param string|null $timezone
. Fix submitted by Vishal Gelani in pull request 15668. GitHub-15668
- The annotation for the
formatDateTime
function in thelib/internal/Magento/Framework/Stdlib/DateTime/TimezoneInterface.php
file has been corrected. Thelocale
andtimezone
have been changed toparam string|null $locale
and@param string|null $timezone
. Fix submitted by Vishal Gelani in pull request 15669. GitHub-15601
- We’ve refactored the JavaScript code in the
split.phtml
template file for the button widget. Fix submitted by Vijay Golani in pull request 15736. GitHub-15354
- The misspelling of
setCategoryIds
has been corrected throughout the code base. Fix submitted by Viral Vasara in pull request 15814.
- Customers can now successfully download and export PDFs after logging in. Previously, customers were redirected to the Admin when trying to download or export data to a PDF right after logging in. Fix submitted by Sanjay Patel in pull request 15767. GitHub-15510
select
elements now display with the styles you set in_theme.less
as expected. Fix submitted by Hitesh in pull request 15796. GitHub-15608
-
Client-side email validation now works in Internet Explorer 11.x the same way as it does in Chrome. Previously, a leading or trailing space on the following pages resulted in client-side validation failure in Magento stores deployed on Internet Explorer 11.x. Fix submitted by Piyush Dankhara in pull requests 15874 and 16297. GitHub-6058
-
Customer Account Login page email field
-
Customer Account create page
-
Customer Authentication popup when the Allow Guest Checkout is set to No
-
.limiter
now has the same parent selectors (similar to.pages
) to prevent clashes between styles and layouts. Previously,.limiter
was too generic and was used as single selector for floating the element. Fix submitted by Hitesh in pull request 15880. GitHub-15323
- Changing the
@tab-content__border
variable now affects on the tabs content border as expected. Fix submitted by Hitesh in pull request 15917. GitHub-14999
- The Multiple Payment Methods Enabled setting now works as expected. Previously, Magento threw this error when this setting was enabled:
Found 3 Elements with non-unique Id
. Fix submitted by Viral Vasara in pull request 15834. GitHub-15348
- Primary buttons now have new LESS variables that permit you to change
font-weight
,font-size
, andfont-family
without changing default button attributes. Fix submitted by Chirag Matholiya in pull request 16037. GitHub-15832
- We’ve added a space between the category page and the main footer on pages using a single column layout. Fix submitted by Sanjay Patel in pull request 15727 GitHub-12601
- Customers can now successfully log in after resetting their password. Previously, Magento displayed this error “You did not sign in correctly or your account is temporarily disabled” even though the new password hash had been updated in the customer entity. Fix submitted by Vishal Gelani in pull request 16255. GitHub-15255
- Magento no longer displays duplicate element IDs for gift messages in the checkout page. Fix submitted by Chirag Matholiya in pull request 16264. GitHub-13415
- The JavaScript code in the
app/code/Magento/Tax/view/adminhtml/templates/class/page/edit.phtml
file has been refactored to meet Magento coding standards. Fix submitted by Vishal Gelani in pull request 16270. GitHub-15352
- Magento now correctly aligns page elements on the home page and category page of the Hot Seller section. Fix submitted by Chirag Matholiya in pull request 16287. GitHub-15213
- Fixed issues with the
jQuery UI DatePicker
’s display of sequential months. Fix submitted by Burlacu Vasilii in pull request 16280. GitHub-7379
- The
clickableOverlay
option in modals now works as expected. Fix submitted by Prince Patel in pull request 16665. GitHub-7399
- Users assigned a Restricted User role no longer receive the message
Something went wrong
when viewing orders.
- Magento no longer unnecessarily displays this warning when a customer opens a product page:
The property price is not valid
. GitHub-7173
Infrastructure
- The
Layout.eventManager
now correctly dispatches thelayout_render_before
events before Magento renders the current layout.
JavaScript
- The Shipping and Estimate Tax page now correctly displays country, city, and postal code fields. Fix submitted by Vishal Gelani in pull request 16491. GitHub-8222
Newsletter
- Magento now displays the newsletter subscription confirmation message as expected after a customer clicks the confirmation link in the subscription confirmation email. Fix submitted by Rahul Kachhadiya in pull request 15860. GitHub-14747
Quote
- Magento no longer throws an error when trying to load the quote item collection using the
Magento\Quote\Model\ResourceModel\QuoteItem\Collection::getItems()
method. Fix submitted by Neeta Kangiya in pull request 15829.
Sales
- Magento now supports GNU free fonts in invoice and shipment PDFs. Previously, PDFs containing Arabic, Russian, Greek, Indian, or Thai alphabets did not correctly render those characters. Fix submitted by Ross in pull request 15829. GitHub-9666, GitHub-12323
- An exported invoice’s CSV file now contains information specific to the selected invoice only. Previously, when you selected Invoices > Export > CSV, and opened the CSV file, the exported file contained information from more than the selected invoice. Fix submitted by Yaroslav Rogoza in pull request 14903.
- The incorrect type hinting in PHPDocs has been corrected. Fix submitted by Dmytro Cheshun in pull request 15619. GitHub-13992
Search
- You can now use the Enter key to submit a search form. Fix submitted by Vishal Gelani in pull request 16281. GitHub-13793
Sitemap
- XML sitemap generation can now be scheduled. Fix submitted by Yaroslav Rogoza in pull request 15159. GitHub-5768
Swagger
- The REST API schema is now compatible with search criteria. The
searchCriteria
parameters builder now contains a zero index to the array signifier, which supports generation of the correct response when a user tests a method with search criteria parameters in Swagger. Fix submitted by Vishal Gelani in pull request 15945. GitHub-11477
Translations
- You can now translate the
moreButtonText
text string. Fix submitted by Karla Saaremäe in pull request 16229. GitHub-16079
Community contributions
We are grateful to the wider Magento community and would like to acknowledge their contributions to this release.
Individual contributor contributions
The following table identifies contributions from our community members. This table lists the community member who contributed the pull request, the external pull request, and the GitHub issue number associated with the pull request (if available).
Partner contributions
The following table highlights contributions made by Partners. This table lists the Partner who contributed the pull request, the external pull request, and the GitHub issue number associated with it (if available).
System requirements
Our technology stack is built on PHP and MySQL. For more information, see System Requirements.
Installation
See How to get the Magento software for comprehensive information about Magento 2.1.x installation and setup.
Migration toolkits
The Magento Data Migration Tool helps transfer existing Magento 1.x store data to Magento 2.x. This command-line interface includes verification, progress tracking, logging, and testing functions. For installation instructions, see Install Data Migration Tool. Consider exploring or contributing to the Magento Data Migration repository.
An updated version of this toolkit is typically available several days after the patch release.
The Code Migration Toolkit helps transfer existing Magento 1.x store extensions and customizations to Magento 2.0.x. The command-line interface includes scripts for converting Magento 1.x modules and layouts.
Credits
Dear community members, thank you for your suggestions, bug reports, and code contributions.