In this blog, we will summarize what changes in the new version of Magento 2.2.3: 35 improvements of product security, a change of Admin Panel which helps you in USPS Shipping, and a copyright update.
- Help close cross-site request forgery (CSRF), unauthorized data leaks, and authenticated Admin user remote code execution vulnerabilities.
- Support for Elasticsearch 5.x.
- Change to Magento Admin to support recent USPS shipping changes. On February 23, 2018, USPS removed APIs that support the creation of shipping labels without postage. In response, this functionality was removed from the Magento Admin. Consequently, users cannot create and print shipping labels that do not have postage applied.
- New layers of control for cache management tasks managed through the Magento Admin. This release introduces finer permissions for cache management tasks such as flushing cache storage, flushing the Magento cache, and refreshing cache types.
- Updated copyright to 2018.
Magento 2.2.3 includes multiple security enhancements. Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.
We are finishing all procedure of upgrading themes to be compatible with the latest version of Magento 2.2.3. Here are 2 HOT items which have been already updated: