Magento released 184.108.40.206, Magento Commerce 220.127.116.11 & SUPEE patch 11219 on October 8, 2019 providing resolution of multiple critical security issues like remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities. We have come up with patch files and recommend you to install them as soon as possible to safeguard your Magento stores against potential security threats.
I have explained the installation of patches with both the ways here:
Follow this instruction to install the patch on your store,
Upload patch files in the root of Magento.
Make one file with the name of patch.php, write following code in it,
<!--?php print("<PRE>"); passthru("/bin/bash SUPEE-11219.sh"); print("</PRE>"); echo "Done"; ?-->
replace the file name in it, upload it in the root and run the file from the browser.
Name should be PATCH_SUPEE-11219.sh
You should receive following screen once you run patch.php from the browser,
If you are getting an error like this,
“Error! Some required system tools, that are utilized in this sh script, are not installed; Tool (s) “patch” is (are) missed, please install it(them).
That means system tools aren’t installed on your server to run the sh script, you can contact your hosting provider or follow another method.
We have updated the patch files for the older Magento versions. It is very much recommended to use these patches at your own risk, please take a backup of your website prior to installation.
You can install a patch with SSH as well. You will need SSH if you don’t know how to set up SSH, contact your hosting provider.
Upload the patch files in the root,
In ssh console, run the command as follows.
For .sh file extension
For .patch file extension:
patch —p0 < patch_file_name.patch
Download the zip file for the patch installation. You can also download these Pre Patched files from GitHub. After downloading the files, simply upload it to your Magento root folder.
If you want to check that your Magento SUPEE 11219 has been installed correctly or not? Then you can use Magereport.com It is still recommended to upgrade to Magento version 18.104.22.168 which includes all the security patches including SUPEE 11219. If you need any help regarding Magento version Upgrade, Checkout our Magento Upgrade Service.