Magento has released new updates to increase product security and functionality. The releases contain over 15 security enhancements and Magento 2.x updates that also address image resizing and MasterCard BIN number expansion. We strongly recommend that all merchants upgrade to these versions as soon as is reasonably possible.
These releases include:
Multiple critical security enhancements
These updates help close access control bypass, CSRF, and authenticated Admin user remote code execution vulnerabilities. See Magento 2.0.14 and 2.1.7 Security Patches and SUPEE-9767 Security Patches for more information.
Support for MasterCard BIN number expansion
MasterCard recently added new series of Bank Identification Numbers (BIN). While certain Magento versions already support the new BINs, merchants using the following versions must upgrade or apply a patch by June 20, 2017, or face potential fines from MasterCard and lost sales.
Enterprise Edition 2.1.2 or earlier
All Enterprise Edition 2.0.x releases
All Enterprise Edition 1.14.2.X releases or earlier
All Community Edition 1.9.2.x releases or earlier
More information is available at MasterCard BIN Range Update.
Reversion of the changes to image resizing that was introduced in Magento 2.1.6
Certain image resizing changes introduced unanticipated problems. Magento has reverted these changes in this release, and will provide improvements to image resizing in a future product update. See the Magento 2.1.7 Enterprise Edition Release Notes for additional information you may need when upgrading from Magento 2.1.6 or 2.1.5 to this release.