The latest versions of Magento Commerce and Magento Open Source 2.3.5-p1 and Security-Only Patch 2.3.4-p2, are now available…

The latest release of Magento Open Source software includes several enhancements to security, performance and platform quality and we strongly recommend you upgrade to ensure your online store stays compliant and maintains the highest level of security and performance.  They include various security improvements compared to the existing versions.

Magento also discovered an error during the pre-release period and we have released a correction via a new version.  If you access the code via Magento.com, you will only have access to the correct versions (2.3.5-p1 and 2.3.4-p2).  If you access the code via Composer you will need to manually request these specific versions.

Additionally, please note that a separate security hotfix for 2.3.5-p1 has also been released and will need to be downloaded and applied from Magento.  You can find their release notes for more information.  You can also learn more about the details of the security hotfixes on their web site too.

 

Deprecation of payment integrations

Lastly, with the latest release, all payment integrations except PayPal will have been deprecated from the Magento code and will no longer receive updates.

This change will affect all merchants using these integrations.  We encourage you to learn more by visiting the Magento web site or contacting us.  Please note, these payment integrations will be completely removed from the 2.4.0 code and you should plan to update your stores accordingly.

Lastly, Signifyd core fraud protection integration is also being deprecated and will not be supported anymore.  We always recommend using an official extension found in the Magento Marketplace if you need to reinstate this feature.

 

Where can I get more help?

If you need any help or advice with your web site, please contact us.  Customers who we believe will be affected should be contacted by us shortly.