We are pleased to present Magento Open Source 2.1.10. This release includes important enhancements to your Magento software.
Magento 2.1.10 contains almost 40 security fixes and functional enhancements. Look for the following highlights in this release:
- Improvements to how the PayPal Express Checkout payment method processes virtual products.
- Multiple enhancements to product security. See Magento Security Center for more information.
- Forty-four community-submitted bug fixes and multiple pull requests. These pull requests feature improvements in cacheing for configurable products (pull request 9809) and enhancements to the URL rewrite mechanism (pull request 10164).
- Support for management of multiple instances in the same crontab. These two new CLI commands (
cron:remove) were submitted by community member adrian-martinez-interactiv4.
Magento 2.1.10 includes multiple security enhancements. Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.
See Magento Security Center for more information.
Installation, setup, and deployment
- Magento no longer creates an
i18ndirectory under the system root directory (
/) when you run the
php bin/magento i18n:packcommand to install a language pack. GitHub-6260
Cart and checkout
- Magento now displays the checkout agreement validation for Terms and Condition acknowledgment after you’ve changed your payment method. GitHub-6224
- Magento now provides a Login button so that a customer can resume your checkout process if he or she returns to the check out page after leaving it mid-order.
- Magento now displays the correct error message when you enter an invalid discount code during checkout. GitHub-7230
- Credit card information now persists as expected after a customer enters a promotion code during checkout. Previously, after a entered credit card information and a discount code, and then clicked Place Order, Magento emptied the credit card information fields.
collectRates()method now obtains full address details for registered customers when the customer opens the Checkout page with an existing shipping address.
- You cannot check out as a guest customer until you delete any lingering long-term cookies by clicking Not me. Previously, in environments where Enable Persistence was set to Yes, you could log in as a guest and potentially complete an order that another customer had initiated.
- The quantity field for a product on the checkout page is now properly updated after you change the product quantity.
- Magento now includes disabled products when filtering product by price in the Admin. Previously, when you filtered products by price in the Admin, the total number of products was less than the unfiltered list of products.
- You can now sort the attribute table in the Add Attribute section of the Admin’s Product edit panel while you are adding an attribute to a product.
- Magento now correctly displays custom options at the store-view level. GitHub-2908, GitHub-5885, GitHub-5612
- Magento no longer displays a price for out-of-stock configurable products. Previously, Magento displayed a price of zero (0) when a configurable product was out-of-stock.
- Magento no longer pre-fills the Set Product as New From Date field with the date inherited from the Special Price From date. GitHub-4387
- We’ve fixed an issue prices weren’t saved correctly when Catalog Price Scopewas set to Website.
- Simple product videos now display the embedded video player instead of the thumbnail image. GitHub-6360, GitHub-8882
- You can now save a configurable product for which you’ve set the Weight value to this item has no weight. Previously, Magento displayed this error,
Notice: Undefined index: weight in \magento2ce\app\code\Magento\ConfigurableProduct\Model\Product\VariationHandler.php on line 154.
- Magento now displays tier prices of simple or virtual products on the configurable products page. GitHub-3759
- You can now save a value for an attribute that is shared between related, upsell, or cross-sell products that have different attribute sets. Previously, when a configurable product had another configurable product with a different attribute set as a related product, cross sell, or upsell and both attribute sets share a multiselect attribute, the value for that multiselect attribute could not be updated for the product.
- We’ve fixed an issue with session behavior that resulted in different customer sessions being shared between different customers on two websites.
- You can now successfully reset a customer password when the Website Restrictions setting is enabled. Previously, Magento redirected you to
customer/account/login/, from which you could not change a password.
- Vimeo videos now work when HTTPS is enabled. GitHub-7311
- Magento now displays the correct configurable product price based on the website to which it is assigned. Previously, Magento displayed the lowest price for the product, no matter which price was assigned to the product on a particular website.
- We’ve fixed an Ajax issue that prevented Add to Cart and Remove from Cart events from firing in Google Tag Manager as expected.
- Magento now allows you to import multiple alternative images with multiple labels that include commas in the description.
- Magento now completes order processing if the customer needs to re-enter credit card information during the order process. Previously, Magento returned this error,
No such entity with customerId = 0, and the order did not complete.
- You can now receive shipping quotes from either the Admin panel or the storefront.
- In orders with separate billing and shipping addresses, when you change the billing address but neglect to click Update before clicking Place order, Magento will not place the order until you click Update. Previously, under these conditions, Magento replaced the edited billing address with the shipping address.
- We’ve fixed a
PayPal.jserror that occurred when you tried to check out an order that contained a downloadable product.
- PayPal Express checkout now handles virtual products as expected. Previously, the checkout page redirected you to the review order page, and Magento displayed the Can’t place order message. Note: This is not associated with PayPal’s strategic decision to stop supporting sales of digital goods through PayPal Express Checkout as of January 2017. GitHub-10615
- Payment methods now retrieve new order status from config as expected. GitHub-5860
- Magento now handles tracking for FedEx shipments with valid tracking numbers as expected. Previously, Magento displayed an error when you clicked Track this Shipment, even when the tracking number was valid.
- Search synonyms in a group now can declare several words as synonyms. For example, “Elon Musk,tesla” is a valid synonym group, and a search on the phrase “Elon Musk” will also show results for the “tesla” keyword. Previously, you could declare synonyms for each word (for example, “Elon,Musk,Tesla”), but these words didn’t work as a phrase. Synonyms are also now case-insensitive.
- You can now save scheduled changes when running a store with a Japanese locale. Previously, Magento displayed this error,
error: : Future Update Start Time cannot be earlier than current time.
- Unconfigured bundle products that are included on a wishlist can now be edited or added to a cart. Previously, Magento displayed a 503 error when you either tried to edit or add to the cart any bundle products that were on a wishlist.