Skip to content

OpenMage Docs

Release v19.4.22 and v20.0.19

Initializing search

OpenMage/magento-lts

Get started
API
Development
Modules
Blog

OpenMage Docs

OpenMage/magento-lts

Get started
Get started
- Requirements
- Installing
  Installing
- Changelog
  Changelog
- Versioning
  Versioning
  - Currently Maintained
- Quick links
  Quick links
  - Tags
API
API
- REST
  REST
  - Common HTTP status codes
  - HTTP methods
  - Use filters
  - Resources
    Resources
    
    Products
    Products
    
    Product Categories
    
    Customers
    Customers
    
    Customers
  - Response Formats
  - Testing
- JSON-RPC
  JSON-RPC
  - Resources
    Resources
    
    Products
    Products
    
    Catalog Category API
    
    Catalog Product API
    
    Catalog Product Attribute API
    
    Inventory
    Inventory
    
    Catalog Inventory Stock Item API
    
    Customers
    Customers
    
    Customer API
    
    Customer Group API
    
    Customer Address API
    
    Sales
    Sales
    
    Sales Order API
    
    Sales Order Shipment API
    
    Sales Order Credit Memo API
    
    Sales Order Invoice API
Development
Development
- Installation
  Installation
  - DDEV
  - Docker Compose
- Coding Style
  Coding Style
  - PER-2.0
- Events
  Events
  - Events list
- Tools
  Tools
  - n98-magerun
  - PhpStorm
- Multistore
  Multistore
  - Error pages
- Samples
  Samples
  - php.ini
  - robots.txt
- Guides
  Guides
- Documentation
  Documentation
  - MkDocs
Modules
Modules
- Analytics
- Back-end
- Cache
- Captcha
- Cron
- Email
- Front-end
- Images
- Log & Debug
- Payment
- Themes
  Themes
  - Front-end
- User Guides
  User Guides
  - Swatches
Blog
Blog
- Archive
  Archive
  - 2025
  - 2024
  - 2023
  - 2022
  - 2021
  - 2020
  - 2019
- Categories
  Categories

Robert Rogge
Contributor

Metadata
- January 27, 2023
- in Releases v19, Releases v20, Security
- 1 min read

New Release 19.4.22 and 20.0.19¶

This important security update includes six security issues:

See:

CVE-2021-21395 ¹
CVE-2021-39217 ²
CVE-2021-41143 ³
CVE-2021-41144 ⁴
CVE-2021-41231 ⁵
CVE-2021-41231 ⁶

Except CVE-2021-21395 ¹ all updates are backwards compatible.

For custom themes with a password reset form some code needs to be added.

Security advisory GHSA-r3c9-9j5q-pwv4 ↩↩
Security advisory GHSA-c9q3-r4rv-mjm7 ↩
Security advisory GHSA-h632-p764-pjqm ↩
Security advisory GHSA-5vpv-xmcj-9q85 ↩
Security advisory GHSA-h632-p764-pjqm ↩
Security advisory GHSA-3p73-mm7v-4f6m ↩

Dynamic block content

Release v19.4.23 and v20.0.20

OpenMage contributors