
## v20.0.14 - unreleased


## v20.0.13 - 2021-08-26

2 security updates

CVE-2021-32758 - GHSA-26rr-v2j2-25fh - Layout XML Arbitrary Code Fix
CVE-2021-32759 - GHSA-xm9f-vxmx-4m58 - Data Flow Sanitation Issue Fix

more updates:

#1735 Fixed origData is empty in a quote
#1667 Removed orphan directory and code of compiler and downloder.
#1355 Removed unused variable
#1525 Fixed incorrect datetime in block.

and merged changes from v19.4.15

## v20.0.12 - 2021-06-25

fix version in getOpenMageVersionInfo()

## v20.0.11 - 2021-06-25

#1567 Fixed incorrect regex in Varien_Object _underscore()
#1544 Prevent backend_type from being changed automatically on attribute save without the admin realizing
#1555 Performance improvement for catalog product images
#1600 Remove "default" themes from 20.x
#1610 Reinstate getters and setters for $_pageHelpUrl which some third party modules still use
#1532 add Possibility to disable global search in backend
#1513 Add redis as a valid option for global/session_save (and activate Cm_RedisSession module by default)
#1499 Set proper HTTP response code on error
#1623 steamClose dosent void this->_streamHandler in php8
#1073 (BC) Removed IE compatibility
#1523 don't redirect to "downloader" (which doesn't exists)


and merged changes from v19.4.14

## v20.0.10 - 2021-04-20

New Release, because v20.0.9 was tagged wrong

## v20.0.9 - 2021-04-20

2 security updates

CVE-2021-21426 - GHSA-m496-x567-f98c - Fixing a bug in Zend Framework's Stream HTTP Wrapper
CVE-2021-21427 - GHSA-fvrf-9428-527m - Security Update for SQLi for Magento 2 (a backport of CVE-2021-3007 of laminas-http)

more updates:

#1536 Remove the documentation Hint "(?)" functionality

and merged changes from v19.4.13


## v20.0.8 - 2021-04-06

#1477 Remove invalid branch alias to make the branch importable on packagist.org
#1252 Directory currency - performance optimalization
#1325 Move orig data to abstract model (according to Magento 2.x)
#1502 Remove Deprecated _afterSaveCommit from Mage_Core_Model_Abstract

and merged changes from v19.4.12

## v20.0.7 - 2021-02-14

#1149 add logging to lockfile related Exceptions
merged changes from v19.4.11

## v20.0.6 - 2021-01-19

merged changes from v19.4.10

## v20.0.5 - 2020-12-29

merged changes from v19.4.9


## v20.0.4 - 2020-10-20

merged changes from v19.4.8
including
CVE-2020-15244 RCE via PHP Object injection via SOAP Requests


## v20.0.3 - 2020-09-15

merged changes from v19.4.7


## v20.0.2 - 2020-08-18

merged changes from v19.4.6
including
CVE-2020-15151 Observable Timing Discrepancy - Improve validation of secret keys (#1138)

## v20.0.1 - 2020-07-07

merged changes from v19.4.5

## v20.0.0 - 2020-06-28

Identical to v19.4.4

