PaaS only

Magento Open Source 2.4.9-alpha release notes

Last update: June 11, 2025

CREATED FOR:

  • Experienced
  • Admin
  • Developer
IMPORTANT
Alpha releases may be incomplete, and are likely to contain defects. They are provided “AS IS” without warranty of any kind. Adobe has no obligation to maintain, correct, update, change, modify, or otherwise support (via Adobe Support Services or otherwise) Alpha releases. Customers should not rely on the correct functioning or performance of Alpha releases or any accompanying documentation or materials. Use of Alpha releases is entirely at the customer’s own risk.

Security highlights in 2.4.9-alpha1

For the latest information about security bug fixes, see Adobe Security Bulletin APSB25-50.

This release includes the following highlights:

  • API performance enhancement—Resolves performance degradation in bulk asynchronous web API endpoints that were introduced after the previous security patch.

  • CMS Blocks access fix—Resolves an issue where Admin users with restricted permissions (such as merchandising-only access) were unable to view the CMS Blocks listing page.

    Previously, these users encountered an error due to missing configuration parameters after installing previous security patches.

  • Cookie limit compatibility—Resolves a backward-incompatible change involving the MAX_NUM_COOKIES constant in the framework. This update restores expected behavior and ensures compatibility for extensions or customizations that interact with cookie limits.

  • Async operations—Restricted async operations for overriding previous customers orders.

  • Fix for CVE-2025-47110—Resolves an email templates vulnerability.

The fix for CVE-2025-47110 is also available as an isolated patch. See the Knowledge Base article for details.

Highlights in v2.4.9-alpha1

The following 9 highlights apply to the Magento Open Source 2.4.9-alpha1 release.

Admin UI

  • Add "Actions" menu for the Catalog Price Rules grid in Admin UI
    AC-13916

Framework

  • [Part 2] - Update all js library and npm dependency with the latest available version
    composer version support was up to the composer version 2.2.x only. Now, the support extended to 2.4.x version as well.
    AC-13792 - GitHub code contribution
  • Add compatibility for Valkey 8.x for 2.4.8, 2.4.7, 2.4.6 and 2.4.5, 2.4.9-alpha1
    AC-14103
  • Check compatibility with Varnish 7.7
    AC-14105
  • Add compatibility for RabbitMQ 4.1 for 2.4.8, 2.4.7, 2.4.6 and 2.4.5
    AC-14357

Other

  • 2.4.9-alpha1 - June Core Quality Improvements
    AC-14026
  • Make 2.4.7 and 2.4.6 compatible with MariaDB 10.11
    AC-14099
  • 2.4.9-alpha1 - June 2025 Community contributions
    AC-14559

Shipping

  • Migrate DHL integration from outdated DHL Express XML to new MyDHL API RESTful APIs
    AC-13258

Fixed issues in v2.4.9-alpha1

We have fixed 67 issues in the Magento Open Source 2.4.9-alpha1 core code. A subset of the fixed issues included in this release is described below.

APIs

  • Async Bulk Operation remains in open state for async.magento.configurableproduct.api.optionrepositoryinterface.save.post
    Bulk API endpoints will now throw an error if the request body is not an Array, thus requiring bulk item keys to be consecutive numbers starting from 0. Previously, bulk item status was not updated due to the arbitrary item key submitted in the bulk request.
    ACP2E-3544 - GitHub code contribution
  • [CLOUD] API REST bug on is_subscribed value not considering from the current store using searchCriteria
    API REST Customer query fetches the correct "is_subscribed" value from the correct store using searchCriteria
    Previously the API REST Customer query did not consider store when fetching is_subscribed" value.
    ACP2E-3621 - GitHub code contribution
  • async.operations.all can create multiple entries for 1 SKU
    Concurrent requests to save and update the same product are now serialized to prevent race conditions which may result in data inconsistency or duplicated products
    ACP2E-3744 - GitHub code contribution

Account

  • [Cloud] Delete operation is forbidden for current area error during customer account creation
    After the fix saving a customer with an invalid address returns a message describing the reason for invalidity instead of irrelevant "Delete operation is forbidden for current area".
    ACP2E-3791 - GitHub code contribution

Admin UI

  • [Issue] Improve user experience with roles tree
    This pull request adds buttons to collapse all, expand all, and expand branches with selected items. This functionality is similar to that provided in the category tree (Catalog -> Inventory -> Categories)
    AC-14020 - GitHub issue - GitHub code contribution
  • Symfony\Component\Mime\Exception\LogicException: The "Sender" header must be an instance of "Symfony\Component\Mime\Header\MailboxHeader" (got "Symfony\Component\Mime\Header\MailboxListHeader")
    AC-14520 - GitHub issue - GitHub code contribution
  • Provide a feature to mass-delete tax rates using the grid
    Admin users can now simultaneously delete multiple tax rates from the Admin Tax Rates grid. GitHub-33399
    AC-2238 - GitHub issue - GitHub code contribution - GitHub code contribution
  • Cart price rule with condition SKU dosen't take into account the "leading zeros" in the SKU (sku: 01234 is the same as 1234)
    The System now correctly handles Cart price rule with condition SKU take into account the "leading zeros" in the SKU
    AC-9428 - GitHub issue - GitHub code contribution
  • Issue with Default Attribute Option Value Behavior for Multiselect
    Prior to the fix default values for multiple options attribute were not being saved properly. Now, after the fix, the values are properly stored in the database.
    ACP2E-3523 - GitHub code contribution
  • Issue while moving the product qty to back to shopping cart from the admin
    When creating an order from the admin, products in the customer cart on the sidebar will not disappear when added to the order.
    ACP2E-3563 - GitHub code contribution

Admin UI, B2B

  • B2B Login as Customer header still has Magento branding
    Earlier the storefront header shows "You are now connected as <customer name> on <store name>" with Magento branding. Which is now fixed and the header shows with ADOBE branding.
    AC-14361 - GitHub code contribution

Admin UI, Content

  • Exception "Cannot create rendition for media asset paths" during image insertion
    After removing the values of the Maximum Width and Maximum Height of the Media Gallery Image Optimization configuration, the error is not occurred any more during the image optimization process.
    ACP2E-3781 - GitHub code contribution

Admin UI, Security

  • Weak Password Management
    The admin user cannot be saved when using the same password. Previously, it was saved successfully without a proper validation.
    ACP2E-3657 - GitHub code contribution

Cart & Checkout

  • Magento 2.4.7 update (mini)cart no decimal qty allowed
    Now Magento correctly handles when we are updating qty with decimals from mini cart when the locale was NL(Dutch)
    AC-13238 - GitHub issue - GitHub code contribution
  • [Issue] Update subtotal.phtml
    The System updates the subtotal.phtml with the correct spacing
    AC-13907 - GitHub issue - GitHub code contribution
  • Not able to place the order with the guest
    AC-14241 - GitHub code contribution
  • Expired persistent quotes are not cleaned up by a cron job sales_clean_quotes
    The expired persistent quotes are now cleared when the 'persistent_clear_expired' cron job runs. Previously, the expired persistent quotes were not cleared by any other cron job.
    ACP2E-3493 - GitHub code contribution
  • "Something went wrong" error on checkout for inactive company
    Prior to the fix, the logout action was not being completed properly on the cart page, if the logged in user company was no longer enabled. Now, if the company is no longer available, the logout is performed properly.
    ACP2E-3541 - GitHub code contribution
  • Addresses selection is not saved when we "Check Out with Multiple Addresses"
    Prior to the fix when canceling the multishipping option, the address was not preselected when reverting back to multshipping. Now, the default address is replaced with one of the selections made within the multishipping screen.
    ACP2E-3646 - GitHub code contribution

Cart & Checkout, Shipping

  • [Mainline] Cart Price rule is not respecting Multishipping
    Prior to the implementation of this correction, the cart price rule for multi-shipping products did not apply correctly when sub-select conditions were applied and free shipping was enabled. However, since the correction was applied, the cart price rule for multi-shipping carts now functions as intended.
    ACP2E-3666 - GitHub code contribution

Catalog

  • Duplicate cache fpc for same page with same query
    The system now correctly identifies and uses the same Full Page Cache (FPC) for pages with the same query parameters, regardless of their order or trailing characters. This prevents an unnecessary increase in the page cache folder size. Previously, the system would create a different FPC identifier for the same page if the order of the query parameters was different or if there were trailing characters, leading to an increase in the page cache folder size.
    AC-10722 - GitHub issue - GitHub code contribution
  • Missing indexing of required columns in catalog_product_entity_int table
    Added the missing indexing of required columns in catalog_product_entity_int table
    AC-10844 - GitHub issue - GitHub code contribution
  • Product page gives error because of url rewrites
    Now the Product Page is loaded successfully when we have URL rewrites
    AC-2950 - GitHub issue - GitHub code contribution
  • indexer_update_all_views cron error with MAGE_INDEXER_THREADS_COUNT
    Fixed issue for MAGE_INDEXER_THREADS_COUNT > 2 with Customer Segment indexer
    ACP2E-3538 - GitHub code contribution
  • Exception while adding "Conditions Combination" in Page Builder Products widget condition
    The issue has been fixed by adding a check to skip missing or incomplete conditions. Previously, this caused error logs to be generated due to the handling of incomplete conditions in the system.
    ACP2E-3545 - GitHub code contribution
  • Browser crash when loading attribute set
    Browser no longer crashes on attribute set edit page if there are more than 4k product attributes
    ACP2E-3633 - GitHub issue - GitHub code contribution
  • [CLOUD] Product URL Rewrites Not Created for New Store: Go Live Blocker
    Product URL Rewrites for New Store is successfully created.
    Previously operation ended with memory leak or with timeout.
    ACP2E-3669 - GitHub code contribution
  • Attribute Default Value for Options Not Working
    Previously, when we changed the default value of a product select attribute, it appeared as an array element with the previous values. After this fix is applied, when we update a product attribute value it will save as a single element at eav_attribute table.
    ACP2E-3688 - GitHub code contribution
  • Products graphql returned disabled categories in the category aggregations
    After the fix disabled categories aren't returned for the products GraphQl request.
    ACP2E-2885 - GitHub code contribution

Catalog, Product

  • [Random Bug] Fotorama lib isn't loaded
    The system now ensures that the Fotorama library is properly loaded, allowing all attached images to be displayed in the image gallery as expected. Previously, only the first image was visible due to an issue with the Fotorama library not loading correctly.
    AC-12124 - GitHub code contribution - GitHub code contribution

Content

  • Putting csp_whitelist.xml in theme does not work and creates intermittent issue
    Implemented caching of CSP whitelist per website area.
    AC-13069 - GitHub issue - GitHub code contribution
  • Error: Script error for "Magento_Catalog/js/validate-product" for admin content pagebuilder with products load
    This PR fixes the Script error for catalogAddToCart when editing the pagebuilder with the products condition
    AC-13891 - GitHub issue - GitHub code contribution
  • Block selection in widgets that have the same identifier
    The System now correctly handles selecting block while creating widgets when we are having same identifier blocks
    AC-14132 - GitHub issue - GitHub code contribution
  • Table prefix is not taken into account
    AC-14556 - GitHub issue - GitHub code contribution
  • Unable to upload image with relatively small width
    The system no longer fails to resize image with relatively small width to its height.
    ACP2E-3558 - GitHub code contribution
  • Incorrect config path for remote storage path style configuration
    After the fix, setting the remote storage path style configuration will impact the actual AWS S3 path style configuration.
    ACP2E-3734 - GitHub code contribution

Framework

  • Compiling code of disabled module.
    This pull request escapes disabled modules before code compilation.
    AC-10933 - GitHub issue - GitHub code contribution
  • Magento_Theme title.phtml template invalid for PHP 8.2
    This pull request fixes an issue when CMS page created with the null heading as in Php 8.x passing null to trim() throws Exception: Deprecated Functionality: trim(): Passing null to parameter #1 ($string) of type string
    AC-12856 - GitHub issue - GitHub code contribution
  • When using file storage for the lock provider, we get an ever growing directory of files without any cleanup happening
    This pull request introduce a new cron job that runs once per day and searches for lock files that haven't been modified in the last 24 hours and can thus be safely removed. This will keep the contents of the lock files directory under control.
    This cron job will only execute something when the lock provider is configured to use files, not when one of the others is used (database - the default, zookeeper or cache)
    AC-13367 - GitHub issue - GitHub code contribution
  • [Issue] Cleanup: don't use void return value from method calls.
    This PR does minor cleanup. Sometimes we called methods that didn't return anything (void) and then used that result value. Which is really not needed.
    AC-13664 - GitHub issue - GitHub code contribution
  • [Issue] [PHPDOC] Fix bad phpdoc for Magento\Framework\Message\ManagerInterface
    This PR fixes the bad phpdoc for \Magento\Framework\Message\ManagerInterface and remove all duplicate phpdoc in \Magento\Framework\Message\Manager (use inheritdoc syntax).
    AC-14312 - GitHub issue - GitHub code contribution
  • Removed beta minimum-stability from composer.json
    Removed beta minimum-stability from composer.json
    AC-14450 - GitHub code contribution
  • allow_parallel_generation should be set through environment variable
    After the fix, the "MAGENTO_DC_CACHE__ALLOW_PARALLEL_GENERATION" environment variable can be used to set the "allow_parallel_generation" configuration.
    ACP2E-3673 - GitHub code contribution
  • [Cloud] Changing table column type from Int to Decimal using db_schema.xml file In Magento 2 Results In Errors
    Changing the column data type is not working correctly. Previously, it throws an error: The attribute 'identity' is not allowed.
    ACP2E-3709 - GitHub code contribution
  • New currency (XCG) support in Adobe
    Caribbean Guilder (XCG) is added to the currencies list.
    ACP2E-3790 - GitHub code contribution

GraphQL

  • GraphQL Response for Order placement does not include the exception message
    Reverted previous change that was returning errors in a different format. Now potential errors are returned in a consistent manner, not breaking GraphQL schema. This should be added as known BIC, approved by PM in ACP2E-3399
    ACP2E-3399 - GitHub code contribution
  • GraphQL Response for Order placement is partially localised
    Errors returned by placeOrder GraphQl mutation were not fully localized. Now, in a multilanguage context, errors are properly translated.
    ACP2E-3506 - GitHub code contribution
  • Concurrent Calls to Reorder GraphQL API - Same Products Added to Different Rows
    Fixes the issue where concurrent calls to the Reorder GraphQL API result in the same products being added as different rows, leading to data inconsistencies.
    ACP2E-3774 - GitHub code contribution
  • updateCustomerEmail GraphQL mutation(Change email Address) doesn't trigger the email Notification
    Previously, email was not sent to customers after successfully updating their email addresses on their accounts. After the fix has been applied, customers now receive email notifications after successfully updating their email addresses.
    ACP2E-3785 - GitHub code contribution
  • Dynamic Attribute Not Updating in Gift Registry via updateGiftRegistry Mutation
    Previously, before this fix through the updateGiftRegistry mutation, the custom attribute of the gift registry was not modified or updated through GraphQL mutations. After this fix has been applied, the dynamic attribute of the gift registry can successfully be updated through the updateGiftRegistry mutation.
    ACP2E-3805 - GitHub issue

Import / export

  • [Issue] Copyedit: change "coping" to "copying"
    PR fixes the Minor copyedit to correct spelling of "copying"
    AC-13300 - GitHub issue - GitHub code contribution
  • REST endpoint Product Import Json not validate the mandatory fields
    Name field is now required when creating new products through the import process (admin or API). Prior to the fix, you could have created new products without name, this would have broken the admin interface and created invalid products.
    ACP2E-3660 - GitHub code contribution
  • Missing Website Filter Option in Export Process
    It is now possible to filter products by websites when creating products export.
    ACP2E-3720 - GitHub code contribution
  • Duplicate of AC-13913 - Static attribute cleaning asynchronously.
    After the fix, there is no 'Undefined array key "apply_to"' error when numerous instances of the \Magento\CatalogImportExport\Model\Import\Product\Type\AbstractType are created.
    ACP2E-3752 - GitHub code contribution

Inventory / MSI

  • Store Pickup not respecting maximum search radius when address is changed at checkout
    Now pre-selected store in "Pick in Store" will update if the shipping address changes. Previously, once a store was pre-selected, it did not change even if the new shipping address is not within the radius of the selected store
    ACP2E-3728 - GitHub code contribution

Order

Order, Pricing

  • Admin displays incorrect currency symbol on when creating return
    In a multi-website setup with different currencies (EUR/USD/GBP), the return product selection page in admin is now displaying the correct currency symbol. Previously, it displayed the default currency symbol.
    ACP2E-3658 - GitHub code contribution

Other Developer Tools

Payments

  • [Issue] Fix offline invoice capture (404)
    It fixes the 404 Page Error while capturing invoices for offline payment methods from Magento admin
    AC-13336 - GitHub issue - GitHub code contribution

Product

  • Product Collection - addMediaGalleryData calls getSize when the collection maybe or will be loaded (Can use count to avoid an extra DB query)
    This PR reduces the extra query call using count() if the product collection is already loaded when calling Product Graphql with media_gallery field included in it.
    AC-13055 - GitHub issue - GitHub code contribution
  • [2.4.8] No callbacks found for cron job catalog_product_alert
    AC-14494 - GitHub issue - GitHub code contribution
  • Slow query is executed when product widget is included via pagebuilder
    The Query for product widgets creation including product SKUs is optimized.
    ACP2E-3449 - GitHub code contribution
  • Product images not resized when added as configurable product
    Previously, images added through Configurations in the admin panel did not adhere to the maximum upload size limit, which could lead to inconsistencies and management challenges. Now, a fix has been implemented to ensure that images are automatically resized during upload to comply with the maximum size limit, streamlining the process and maintaining system standards.
    ACP2E-3504 - GitHub code contribution

Shipping

  • [DHL]-Handle Optional Dimensions in Regular Size Settings and Price Variance Between REST and XML API Integrations
    AC-14601 - GitHub code contribution
  • Exception while creating UPS shipping label
    Fixed Warning: Array to string conversion during UPS shipping label creation
    ACP2E-3676 - GitHub code contribution

Staging & Preview

  • Previewing a scheduled update opens the first store view in alphabetical order instead of the store view of interest
    Previous to the fix, the preview of a scheduled update opened in the first store view in alphabetical order instead of the assigned store view.
    After the fix, the preview now correctly opens in the store view assigned to the CMS block staging update.
    ACP2E-3671 - GitHub code contribution