Webnexs pleased to present the new Magento Open Source 2.3.2 to the customers. Nearly 200 functional fixes are in this release to the core product and contributed 350 pull requests along with over 75 security enhancements.
Magento Commerce 2.3.2 Release Notes
New security patch available
Customers can install time-sensitive security fixes without applying the hundreds of functional fixes now. Patch 18.104.22.168 is a security-only patch that fixes for vulnerabilities.
If you have already upgraded this patch (2.3.2-p1), then it is advisable to upgrade 2.3.2-p2 earlier. Patch 2.3.2-p2 has critical security fixes which are included in Magento 2.3.3, 2.2.10.
Apply PRODSECBUG-2233 for critical remote code execution vulnerability
Some Magento Open Source and Magento Commerce, the Asynchronous and Bulk REST endpoints support the default store view scope only.
Magento Commerce 2.3.2: Highlights
This release is focused on security enhancements:
- 75 security enhancements that help close cross-site scripting (XSS), sensitive data disclosure vulnerabilities as well as other security issues. No possibility of attacks related to these issues may occur to date. Anyhow, some vulnerabilities may to access customer information or in any session
Remarkable performance improvement in Magento to storefront page response time. Response timings for the pages of catalog, search, and advanced search are well improved.
Improved access to block cache storage.
Optimized logic of access to the block cache, under high load by approximately 20%.
- Product page gallery load optimization. Product images are loaded at a very fast speed as other page content. In previous releases, also the product page loaded quickly, product images need two to four seconds additionally to complete the load.
- We can enable this performance enhancement by navigating.
Magento Commerce 2.3.2 Release contains 130 enhancements to core quality, which improve the quality of the Framework and modules.:
- Checkout/One Page Checkout
- Customer/Customers and
Some additional core enhancements:
- Braintree payment method is supported for checkout with multiple addresses. Before this release, you could not use Braintree because l when checking out an order that was being shipped to multiple addresses.
- The CGI URL gateway in the UPS module. The CGI URL gateway endpoint in the UPS module is updated from HTTP to HTTPS.
- Google chart API updated .. Magento Commerce 2.3.2 release now uses the Image-Charts free service to render static charts.
Merchant tool enhancements
Magento now offers the tasks as asynchronous background processes to alert the Admin when the tasks are over. Moving these administrative tasks to the background frees experts to attend other tasks while the initial tasks are processed.
- Discount coupon generation.
- Mass editing of products.
- Data export.
Vendor-developed extension enhancements
Magento Commerce 2.3.2 release offers extensions developed by third-party vendors.
Amazon Pay is now compliant with the PSD2 directive in the UK and Germany.
Hundreds of issues have got fixed in the Magento commerce 2.3.2 core code.
Installation, upgrade, deployment
- Magento now provides the value of configuration variables as they are in configuration files rather than saving the resolved value.
- Magento no longer throws an error when used to import configuration settings.
- It never throws an error when executing in parallel mode if theme deployment takes beyond 400 seconds.
- Magento will not throw an error during catalog setup when you run bin/magento setup: upgrade.
- The icon that identifies a dropdown menu now reflects the changing state of the dropdown menu’s status.
- Multiline type of Form fields works as expected on Admin forms.
- Magento displays the exact date in the Admin for scheduled design changes.
- The Change Status option of the entire action dropdown menu now works as expected.
- The option dropdown on the Admin Customizable page now works as per our expectation.
- Web setup wizard uses the correct path to check if the setup folder exists.
- Magento now redirects you to the Admin home page or a 404 page as expected when you tried, previously, redirects did not work properly, and Magento displayed the following message, The page isn’t redirecting properly.
- Magento creates the flag file as our expectation if you start a database backup. Previously, Magento did not perform like this.
- Magento now calculates the correct tier price for bundle products but previously, Magento did not derive the price correctly.
- CMS block cache keys now contain the appropriate store ID in deployments with many store views.
- Magento now updates the mini cart correctly if any product disabled during the shopping session.
- For guest customers, Magento now persists the shipping quote in the shopping cart.
Cart Price rules
- Magento displays the Cart Price Rule code on an order details Admin page now. But previously, in Magento no such option.
- Use the term configurable as a group name in attribute sets, clicking on a store’s root category now causes only that root category to expand, maintains correct pagination
- Magento saves customizable price input on the store-view.
- Magento never describes a configurable product as in-stock in the product list when the product is not in the stock.
- Corrected the position of the labels in the configurable product variations table. Configurable products can no longer be added as a variation of another configurable product in the Admin.
- Magento never empties your shopping cart after you have reset your password. Previously it was not so.
- Magento now saves the dates that are associated with custom customer attributes of type date. Previously, Magento did not save these dates.
- Magento never throws a 404 error when you click the frequently viewed products on the dashboard.
- Product prices will not be duplicated on the downloadable products page.
- Sales rule validation will be refactored to eliminate a crack in the sales rule collection
- Attribute code validation will improve with attribute creation.
- Initialization is added to two class variables that can be returned by class methods as parameters. Without this initialization, the variables are returned as null, which can cause Magento to leave a warning.
- Magento never sends an email via asynchronous. Sales-related emails that were created when email sending was enabled.
- The performance of product image loading is improved.
- Downloadable product by clicking the link. Previously, when you clicked on this link, it would never work properly.
- Magento threw many errors as one such is watermarked appear on the product images which are not expected.
Google Chart API
- The Google chart API is updated for the Image-Charts. Magento using Image-Charts free service to render static charts.
- Magento imports existing products for prices are changed. Previously, the product’s price was updated but it’s unchanged url-key was deleted.
- Magento now displays informative messages when you create a new product and earlier not like this.
- Now a list of Admin indexers will be assessed after creating a custom index. Earlier, if you tried to access the Admin’s indexer list, it gives a fatal error.
- The default models have changed and shared in this release.
- Price navigation step calculation for layered navigation now works as expected. Previously, results were not like this.
- Magento commerce now enables creating a log entry if an observer not done observer Interface in modes other than developer mode. Previously, it created in developer mode only
- Fixed issue along with the event stream Cron job and retrieving shipping labels in some AWS environments.
- Now we can change pages at higher speed from the Admin newsletter subscribers page. But in earlier times it took much time to move off this page.
- Newsletter subscription input now displays all text in the mobile view.
- The quick order form handles the SKUs which enter for configurable products as we need. Earlier Magento commerce showed an error when you tried to enter the SKU for a configurable product and appeared a link to the simple product which returned a 404 page.
- Programmatically created invoices now include all items as we expected when both simple and bundled products are mixed in order. But earlier when called without a specified quantity, the function never discards items as expected.
- Page cache is never active when maintenance mode is enabled. Previously, it would not like so.
- Magento commerce never throws an error indicating that a transaction was declined when authorize.net successfully processes the order. Previously the entire thing was a change.
- Magento creates an order using PayPal PayflowPro as for the need when a customer enters all the credit card information. Previously, Magento did not create the order.
- Attribute text that describes credit card type or stored payment methods during checkout is added to support accessibility.
- The transfer cart line items along with transfer shipping options in the shipping step of checkout will now work for PayPal.
- The multi shipping checkout flow supports the Braintree payment method.
- Magento never disables the button of place order in the checkout workflow when the customer has supplied the demand an email address for orders with Braintree.
- Improving approximately 20% response of storefront pages by optimizing the logic of concurrent access to the block cache.
- The date range in reports will not display the same start and end dates.
- Now Magento includes the amount of a credit memo’s refunded discount in its calculation of the value displayed in the total column.
- The downloads report table now displays an accurate count of all downloadable products also with the number of times they have been downloaded.
- The text for review-related headers on the Admin dashboard is edited for clarity.
- Fixed problems with the disabling and enabling order-related emails.
- We can change customer groups when building a new customer during order creation on the Admin.
- You can now successfully re-order a virtual product.
- When we place an Admin order for a product with a custom price, the order of a product at a regular price.
- The Data Provider and Save Controller files are edited to improve the persistence of form data in cart price rules.
- Added a condition to the Cart Price Rule configuration so that you can configure a cart price discount rule discount based on the minimum purchase amount that excludes tax. Previously, the subtotal was calculated only with tax included
- Catalog search values are now enforced as expected.
- The performance of layered navigation queries is improved.
- The search icon on the Admin page headers performs as expected.
- Magento reviews concrete classes while applying plugins. Previously, when the pluginized class was virtual-typed by a class with the name ending with an auto-generated suffix and without the implementation of the base concrete class, the process failed.
- UPS (non-XML) endpoints are now HTTPS instead of HTTP.
- Magento provides quotes for DHL shipments when DHL Content-Type is set to Non-Documents.
- The CGI URL gateway endpoint in the UPS module updated from HTTP to HTTPS in response to the disablement of the HTTP gateway by UPS in mid-2019.
- The tracking pop-up window shows an accurate value for the delivery date for FedEx shipments in transit.
- Images in the sitemap are no longer linked to the base store when scheduling start times and daily frequency.
- Magento validates sitemap file names to ensure that they do not exceed length limits.
- You can now preselect a configurable product swatch that contains an image.
- The tax applied to a child product is based on the tax class of that product. Previously, Magento based the tax on a child product. Now the shopping cart tax summary displays total tax as expected instead of individual tax values.
- The tax for child products is now based on the tax Class of that product. Previously, the tax was based on the tax class of the parent product.
- You can search for a tax rule based on both the Name and Tax Rate fields.
- The PHP-CS rule is added to the static test rules.
- Missing parameters to failing unit tests for FormatTests.
- Logo files transactional emails can be uploaded. Previously, Magento did not upload the logo.
- Checkboxes and radio buttons are now on focus while we navigate a form using the keyboard. This is a reversion of a fix (20861), which violated accessibility standards for keyboard navigation.
- Magento now perfectly uploads files from the theme config edit form page while you click
Translation and locales
- Product attribute labels are no longer translated.
- Uploading images is not possible when the Use Default Value setting on the Admin Content tab is enabled.
- The Date field associated with a page on the Admin Pages table now displays the correct date, not the current date.
- Screen readers can now identify the elements that are linked to fields for street address fields on the checkout page. Earlier, screen readers could not identify these fields because the elements were not populated.
- Product gallery images never open unexpectedly when you move over a product image while moving to another page’s elements.
- Magento no longer displays the customer name twice in the welcome message on the login page after a customer logs in.
- Magento will not upload images to the Category page unless the Use Default Value attribute is enabled.
- The added feature is to manage URL and rewrites when the product visibility attribute changes. If it is made invisible, Magento will delete the URL rewrite.
- URLs in Arabic now resolve as expected. Previously, if you create a URL rewrite in Arabic, the browser showed 404.
- Magento now retains filter terms after you’ve applied a filter to the Admin table, then click the back button.
- Customer wish lists now include review summaries for included products.
- Previously, you could enter both extremely large numbers and letters into this field, which resulted in undesirable, inaccurate changes in quantity.
- Magento now alerts you to the expected minimum quantity of product when you try to add a lesser product quantity to your shopping cart from the wishlist.
- You can insert widgets that contain WYSIWYG fields. Earlier, widgets with a parameter failed when inserting them into a WYSIWYG in a form.