Re-download new Magento security patch
I just received the following email from Magento, just as I was about to pack up for the weekend!
We are aware that you recently downloaded a Magento security patch on Tuesday, July 7th.
We’ve since learned that this security patch omitted patches on responsive web design (RWD) themes for XSS and have since published an updated version of the patch, which resolves this gap. We are specifically writing to you to take immediate action to return to the download page and download the updated patch V2. To apply the patch, you will need to revert the previous patch and apply the new version.
Thank you for your cooperation. We apologize for any inconvenience this may have caused.
Regards,
Magento Team
So how do I revert a Magento security patch
Thankfully it’s not that difficult. The easiest way is to follow the steps you used to originally apply the patch, but this time using ‘ -R’ at the end of the command.
sh patch-file-name.sh -R
SSH Wrapper
I’ve been using a SSH wrapper file for some Magento sites which don’t have direct shell access to the server. I can then call the file via the browser.
<pre><?php //Magento ver. 1.9.1.0 //system("sh PATCH_SUPEE-5994_CE_1.6.0.0_v1-2015-05-15-04-34-46.sh"); //system("sh PATCH_SUPEE-6285_CE_1.9.1.1_v1-2015-07-07-09-03-34.sh -R"); system("sh PATCH_SUPEE-6285_CE_1.9.1.1_v2-2015-07-08-08-07-43.sh"); ?></pre>
With Magento releasing patches in abundance lately, I comment out the previously applied patches to help me in such scenarios. I now know the last Magento patch applied and still have the command saved so I can quickly revert it.
3 Comments