Patching Magento SUPEE-10570
SUPEE-10570 is an important security update for Magento to address remote code execution and SQL injection vulnerabilities.
Where to download
Its best downloading the patch from the Magento.com download section - or via MDA - the Magento download tool (this is what this guide will use).
Dependencies
- SUPEE-9652v2
Applying the patch
The application of this patch is relatively straightforward. I'd recommend doing this in staging/development before attempting on live (if you don't have a dev. site follow this guide to create one).
-
Change directory to your Magento document root and fetch
mda.phar
(the Magento downloader tool), if using Enterprise, refer to the documentation here to provide your id/token.cd /microcloud/data/domains/example/domains/example.com/http wget -O mda.phar --no-check-certificate https://raw.githubusercontent.com/sonassi/magento-download-archive/master/bin/mda.phar php mda.phar
-
Select either CE/EE patch as appropriate,
1: Ce-patch 3: Ee-patch
-
Select the auto detected version of Magento,
0: 1.9.3.7 (auto detected)
-
Select the SUPEE-10570 patch (or press
m
to download all missing patches),0: SUPEE-10570 for CE 1.9.3.2-1.9.3.7 (PATCH_SUPEE-10570_CE_1.9.3.7_v1.sh/SUPEE-10570)
-
Copy the patch to your Magento document root and apply it,
cp ./downloads/PATCH_SUPEE-10570* . bash PATCH_SUPEE-10570*
-
Clean your Magento cache using MageRun,
mr_examplecom cache:clean
Known issues
None.