Number: AV16-083
Date: 18 May 2016
Purpose
The purpose of this advisory is to bring attention to a new release of Magento Community Edition and Enterprise Edition that includes multiple security patches.
Assessment
Magento Community Edition version 2.0.6 and Enterprise Edition version 2.0.6 contains security patches for vulnerabilities including customer information leaks and remote code execution.
Suggested Action
CCIRC recommends that owner/operators test and deploy the vendor released update or workaround to affected platforms accordingly.
References:
https://magento.com/security/patches/magento-206-security-update