Service Release 2 for AbleCommerce Gold R12

Applies To: These instructions apply to installations running AbleCommerce Gold R12 SR1, build 9266 only.

Release Date: 11/08/2017

Version: AbleCommerce Gold R12 SR2 build 9476

Make sure you are upgrading to the latest version available to you.

Click here to view the release history notes, and find the latest version of AbleCommerce Gold

Instructions before applying Service Patch

This service release patch corrects several issues listed in the change log below.

1.  Make a backup of your application and the database.

Download and apply Service Patch

2.  Determine the type of version you are using, WAP or WSP, and download the applicable file.  The WAP requires recompiling the project after update.

  • AbleCommerce Gold R12 WSP SR2 (build 9476): Gold_R12_SR2(WSP).zip

    MD5:  aefe660aab8c5209d057cfeb88b13189

  • AbleCommerce Gold R12 WAP SR2 (build 9476): Gold_R12_SR2(WAP).zip

    MD5:  c4bf480218f79e4c79e3e19df7b11aaf

  1. Using the MD5 checksum number provided, you can verify the integrity of the download before extraction (see below).

  1. Extract the contents.  Only changed files are included in the service release build.

  2. Compare the new files with your original ones, and merge any custom changes if needed.

    This patch includes two security updates.  Before applying, make sure you understand the changes being made in these files by reviewing the linked documentation for each.

    UPGRADE NOTE #1:  The web.config file has been updated to use .net version 4.6.2, so TLS 1.2 will be supported by default.  Before making this file update, confirm your application is using this version of Asp.Net first.  If not, either upgrade Asp.net on the server, or keep the information in your current web.config.  

    For more information, please see Enabling Support for TLS 1.2.

    UPGRADE NOTE #2:  Several updates were required to fix an issue with Cross-Site Scripting.  A list of files changed for this issue are:  

    /website/web.config
    /website/Admin/web.config
    /website/Layouts/Base.Master, Base.Master.cs
    /website/Layouts/Fixed/Base.Master, Base.Master.cs

    For more information, please see Path-Based Cross-Site Scripting (XSS) Failure

  3. Copy all files to their respective locations and restart the application.

  4. Recompile the application if using the WAP version.

(OPTIONAL) TO VERIFY THE DOWNLOAD:

  1. Go to WinMD5.com or any other utility that can provide checksum validation.

  2. Download and Run the utility.

  3. Select the downloaded file.

  4. In the field provided, past the original MD5 value provided by AbleCommerce help site, and click Verify.

  5. If the validation fails, do NOT install the patch.  Instead, contact support@ablecommerce.com for help.

Change Log (between builds 9266 and 9476)

BONUS feature:


NOTE:  If you are entitled to the CommerceBuilder source code, and would like to receive the source code updates made with this release, then please make a request through your order.  We will be happy to furnish this information to you through your secure account login.

ISSUE ID

SEVERITY

DESCRIPTION

AC8-3149

minor

Order search function using invalid property names for shipments and notes

AC8-3190

minor

Responsive: small mobile device hides the Social Media control

AC8-3192

minor

Category menu disappears under product image.

AC8-3194

minor

Assigning products to Coupons or Discounts needs Cancel button relabeled to Back

AC8-3196

minor

Authorize.NET: need to pass Solution ID in with each transaction

AC8-3197

normal

Performance issue when assigning several products to a coupon at once

AC8-3200

normal

ReportDataSource.cs has incorrect end date for monthly sales report

AC8-3220

minor

Link to register with the USPS Shipping Integration is not current

AC8-3221

normal

Extended fields are not working for Order object

AC8-3234

normal

Affiliate not getting associated with user

AC8-3241

normal

BasketService.Combine combines basket items even if they have different .CustomFields

AC8-3244

normal

Changing the encryption key only recrypts first 100 payments

AC8-3246

blocker

Beanstream: International State/Province Settings on check out

AC8-3247

high

Path-Based Cross-Site Scripting (XSS) Failure (see Upgrade Note #2 above)

AC8-3251

normal

Paypal IPN processor is missing order ID in redirect request

AC8-3252

normal

USPS First-Class Mail Parcel stopped working (can be patched separately)

AC8-3253

normal

Authorize.net CIM Authorize and Refund issues with new profile

AC8-3254

normal

Missing author for order note when Shipstation and Able sync shipped orders

AC8-3258

high

Enable support for Asp.Net 4.6.2 to meet TLS requirements (see Upgrade Note #1 above)

AC8-3259

normal

Update WA tax provider tax rate lookup URL

 

 

If you need to merge any customizations, we recommend that you use a file compare and merge utility such as WinMerge.  WinMerge is an Open Source file compare and merge utility which runs on all modern Windows versions.  Latest WinMerge version and other WinMerge information is available at http://winmerge.org

 

Copyright © 1994 - 2018 AbleCommerce.com, All rights Reserved | Privacy Policy

A division of Able Solutions Corporation, headquarters located in Vancouver, WA