Adobe Commerce 2.4.3 is now available to the entire commerce community, ending the pre-release period. Highlights of Adobe Commerce 2.4.3 include:
Substantial security enhancements
This release includes 33 security fixes and platform security improvements. Many of these security fixes have been backported to Magento 2.4.2-p2 and Magento 2.3.7-p1.
Additional security enhancements
- A new Composer plugin helps prevent dependency confusion and identifies malicious packages with the same names as internal packages on the public package repository.
- Rate limiting is now built into Magento APIs to prevent denial-of-service (DoS) attacks, web APIs imposing restrictions on the size or number of resources.
- ReCAPTCHA coverage has been extended to include: Web APIs that have corresponding HTML pages protecting endpoints from spam attacks; ReCAPTCHA protection for The Place Order storefront page and payment-related web APIs to protect stores from carding attacks.
Decreased indexation time
Decreased indexation time for Product Price and Catalog Rule indexers, allowing merchants to now exclude a website from a customer group or shared catalog, which reduces the number of records for indexing.
Live Search combines Adobe Sensei AI with ecommerce data to provide a more intuitive and relevant search experience for ecommerce browsers, by performing a deep analysis of aggregated visitor data. Back-end search management is also simplified with less input and management required by merchants.
GraphQL support is now included for the following features:
- Shared catalogs
- Wish lists
- Gift registries
- Negotiable quotes
- Shared routes
See the GraphQL Developer Guide for details on these enhancements.
Magento B2B - Version 1.3.2
Magento 2.4.3 introduces B2B v1.3.2 which includes enhancements and fixes, including:
- Magento now successfully sends update emails about expired negotiable quotes and soon-to-expire and expired negotiable quotes.
- Company users can now edit and update customer custom attribute values.
- The resource tree for company role permissions can now be translated.
- Administrators with restricted accounts that include only website-level privileges can now create a company that uses a different currency than the website.
For many more changes, see Commerce B2B Release Notes.
Page Builder is now the default content editing tool for Adobe Commerce 2.4.3 and Magento Open Source 2.4.3, replacing the TinyMCE editor in the following Admin areas (the content created in TinyMCE has been migrated into Page Builder as HTML):
- CMS Page
- CMS Block
- Category Description
- Product Description
PWA Studio 11.0.0
PWA Studio 11.0.0 contains new features, refactors, bug fixes, and various improvements. This version is compatible with Magento 2.4.3. Visit Github.com/magento/pwa-studio for a full list of updates.
Cloud managed services updates
This release includes enhancements to support for Amazon Simple Storage Service (AWS S3) and Amazon Aurora cloud managed services. It provides certified support for AWS ElastiCache, AWS ElasticSearch, and AWS Managed Queues (Rabbit MQ).
Third party extensions
Updates have been included to the following extensions: