
Magento 2.4.6 has been launched on March 2023. It features scalability and performance enhancements, over 300 quality fixes and updated core composer dependencies and third-party libraries.
In this guide, you'll learn how to download Magento 2.4.6 and what important changes it offer before you update your Magento version.
Post Contents [hide]
- Download Magento 2.4.6
- Magento 2 Download using Composer
- Magento 2.4.6 Release Notes
- Magento 2.4.6-p1 Release Notes
- Magento 2.4.6-p2 Release Notes
- Magento 2.4.6-p3 Release Notes
- Magento 2.4.6-p4 Release Notes
- Magento 2.4.6-p5 Release Notes
- Magento 2.4.6-p6 Release Notes
- Magento 2.4.6-p7 Release Notes
- Magento 2.4.6-p8 Release Notes
Download Magento 2.4.6
Version | Release Date | Link |
2.4.6-p8 | October 8, 2024 | Download Magento 2.4.6-p8.zip |
2.4.6-p7 | August 2024 | Download Magento 2.4.6-p7.zip |
2.4.6-p6 | June 2024 | Download Magento 2.4.6-p6.zip |
2.4.6-p5 | April 2024 | Download Magento 2.4.6-p5.zip |
2.4.6-p4 | February 2024 | Download Magento 2.4.6-p4.zip |
2.4.6-p3 | October 2023 | Download Magento 2.4.6-p3.zip |
2.4.6-p2 | August 2023 | Download Magento 2.4.6-p2.zip |
2.4.6-p1 | June 2023 | Download Magento 2.4.6-p1.zip |
2.4.6 | March 2023 | Download Magento 2.4.6.zip |
Magento 2 Download using Composer
Alternatively, you can download Magento using the following composer commands. But note that this could take a while and requires a composer. Please make sure that you use the proper composer version, check Magento 2 System Requirements.
composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition magento XXX
cd magento
composer install
Replace XXX in the example with the Magento version you would like to install, for example:
composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition magento 2.4.6-p3
Note: all our Magento extensions are already compatible with Magento 2.4.6.
Magento 2.4.6 Release Notes
Magento gets better with each version. So 2.4.6. definitely has a lot to offer. Let's dive into the most important platform updates.
Platform
For high performance Magento 2.4.6 introduces support for PHP 8.2 (PHP 8.1 will continue to be supported).
- Composer 2.2.x support
- OpenSearch 2.x support
- Redis 7.0.x support
- Compatibility with ElasticSearch 8.x and MariaDB 10.6
- Updated outdated JS libraries and removed outdated dependencies
Security
This release contains 8 security fixes, even though there are no confirmed attacks to date. Most of them are related to the admin panel since it's the first thing the attacker would target. So the following was improved:
- Use on VPN
- Two-facto authentication
- IP allow listing
- Password hygiene
Performance
Magento 2.4.6 is optimized to support your growing business requirements. There are plenty of improvements to the performance and scalability of your store.
- Improved product grid performance through a limited number of products displayed in a grid
- Improved order processing on cloud infrastructure customers
- Added options to improve operations performance if 100+ customer segments are involved
- Improved import data performance through new PEST API endpoint (+100 000 reports/minute)
Payments
The Magento 2.4.6 release focuses on improving Braintree payments.
- Added Braintree Pay Layer button and messages for Italy and Spain
- Added Fraud protection and ACH webhooks to the Braintree payment method
- Enabled Pay Later messaging with PayPal Vault
Page Builder
The biggest update is that you can use drag and drop to bulk import images into the gallery. This version of Magento is also compatible with Page Builder v1.7.3.
Additionally, the dropdown, text field, and text area attributes are now available in the Page Builder product attribute list.
GraphQL
In the 2.4.6 release, Magento continues working on improving the Magento GraphQL experience.
- Improved GraphQL category tree rendering performance
- Improved response time of the bulk cart operations through GraphQL
- Improves response time of some Magento APIs related to querying product categories with category permissions enabled
- Customer queries now support order sorting
Magento 2.4.6-p1 Release Notes
Magento 2.4.6-p1 was released not so long after 2.4.6 and presents you with security fixes and platform improvements that make your store better.
Platform
In this release Adobe improved the compliance of the platform with the latest security best practices.
- Added compatibility with Varnish cache 7.3 support
- Added compatibility with the latest RabiitMQ 3.11
- Updated outdated JavaScript libraries to the latest minor or patch versions
Security
The patch contains 13 important fixes, the main dealing with:
- Incorrect authorization
- Server-side request forgery
- Improper Input validation
Magento 2.4.6-p2 Release Notes
Magento 2.4.6.-p2 is mainly a security release that focuses on providing three major security fixes for vulnerabilities discovered in Magento Commerce and Open Source previous releases.
In particular, the value of fastcgi_pass in the nginx.sample file has been returned to the previous value of fastcgi_backend. Besides, the security vulnerability of the jQuery-UI library version 1.13.1 has been taken care of in this release.
Looking forward to using the latest version of Magento? Update Magento 2 and benefit from better security, performance, scalability and payments.
Magento 2.4.6-p3 Release Notes
Same as in the case of the 2.4.6-p2 release, Magento 2.4.6-p3 includes mainly security fixes aimed at improving Magento deployment.
Besides, the release includes new settings for full-page cache. It helps to mitigate the risks associated with the {BASE-URL}/page_cache/block/esi HTTP
endpoint.
Magento 2.4.6-p4 Release Notes
The focus of the Magento 2.4.6.-p4 is on two major security enhancements.
Adobe made changes to the non-generated cache keys. They now include prefixes different from the ones in keys generated automatically. Besides, the keys for blocks must contain letters, digits, hyphens and underscores characters from now on.
Adobe has imposed a limitation on the number of auto-generated coupon codes in the Commerce edition. The default maximum is 250,000. But merchants can control that limit in Configuration > Customers> Promotions.
Magento 2.4.6-p5 Release Notes
This patch release contains three security fixes identified in the previous releases. You can find more in the Magento Security Bulletin.
Magento 2.4.6-p6 Release Notes
Magento 2.4.6-p6 security release concerns Adobe Commerce. The Subresource Integrity (SRI) support has been added to provide integrity hashes for all JavaScript assets.
The default SRI feature is implemented for the admin and storefront only on the payment pages.
There also have been updates and enhancements to Adobe Commerce Content Security Policies (CSPs) to comply with the PCI 4.0 requirements.
- The execution of inline scripts in a CSP is now allowed due to the added nonce provider.
- The default CSP configuration for payment pages is now set to restrict mode and report-only mode for all other pages.
- Options to configure custom URIs to report CSP violations on order creation pages in the admin and checkout pages on the frontend.
Magento 2.4.6-p7 Release Notes
The Magento 2.4.6-p7 includes a number of fixes for security vulnerabilities identified in the previous versions. In particular:
- Rate limiting for one-time passwords (2F authentication retry attempt limit and lockout time (seconds)).
- CLI command for the encryption key rotation.
- Resolved Prototype.js security vulnerability.
- Fixed remote code execution vulnerability.
- Resolved JavaScript error that caused Google Maps to render improperly in the PageBuilder.
- JSON web token validation issue.
Magento 2.4.6-p8 Release Notes
This Magento patch includes fixes for the TinyMCE, Require.js and Braintree payment gateway. The TinyMCE dependency was updated to the 7.3 version to provide more efficiency and better user experience.
Require.js was updated to the 2.3.7 version and new fields were added to the Braintree payment gateway to comply with the latest VISA requirements.