Yesterday, we identified a PCI scanning issue for Zen Cart. Backbone Security, provides our PCI scanning and helped us to isolate and understand the following PCI scan Level 5 failure.
For those with webhosts which have currently upgraded to the newest PHP 5.3 there have been quite a few bugs and compatibility issues reported. In response to the demand to maintain PCI compliance and allow shop owners running the current 5.3 platform to continue to use Zen Cart a patch was released to make your Zen Cart compatible with PHP 5.3X. Note that while this patch is said to be backwards compatible, it is not necessary unless you are running PHP 5.3.
Zen Cart shop owners willing to bare it all can receive a free PRO-Webs site report. This lottery of brave shop owners willing to share their reports with other shop owners will be ongoing. Every month PRO-Webs will randomly choose 1 entry from the current month’s entries and complete and publish their Zen cart report for free.
We have compiled a list of the bug & security fixes you should be concerned with fixing on your 1.3.8 Zen Cart and those that are conditional, either by reported error or need. Please note that you should be subscribed to the Zen Cart 1.3.8 Bug Fixes thread & the Zen Cart Releases & Announcements thread for security and release patches & updates.
On 6/21/2009 the Zen Cart development team posted the following security vulnerability patch. (Security Patch)
Everyone is still buzzing and awaiting the Beta release of Zen Cart 2.0. The thread to subscribe to is here if you want updates and release information.That aside, we are going to get in to some details regarding the brave new Zen cart release of 2.0 in 2009 with the information we currently have and will update as we can.
