Magento security update

Number: AV16-083
Date: 18 May 2016

Purpose

The purpose of this advisory is to bring attention to a new release of Magento Community Edition and Enterprise Edition that includes multiple security patches.

Assessment

Magento Community Edition version 2.0.6 and Enterprise Edition version 2.0.6 contains security patches for vulnerabilities including customer information leaks and remote code execution.

Suggested Action

CCIRC recommends that owner/operators test and deploy the vendor released update or workaround to affected platforms accordingly.

References:

https://magento.com/security/patches/magento-206-security-update

Date modified: