Magento API disabled due to Zend Platform Vulnerability

On Thursday, July 05, 2012 - Magento blog announced "Important Security Update – Zend Platform Vulnerability" 


The problem is that patches to this issues as well as latest releases of Magento (Community Edition 1.7.02 and Enterprise Edition 1.12.02) that incorporate the appropriate patches are not compatible with oldest PHP version. Talking more technical - these patch is using libxml_disable_entity_loader() function that is supplied only from PHP version 5.2.11 (repleased on the market from 16-Sep-2009) and above.

The bottom line is that Magento API (XML/RPC version) is not supported in Magento versions above (and other versions that applied the path) on PHP version below 5.2.11.


Available Solutions:

1. Upgrading PHP

2. Use our Google Base Solution (which doesn't require API), see step-by-step guide here -

3. Use our CSV solution (which doesn't require API) - see step-by-step guide here -

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk