php

Drupal 4.7.0 has been released!

Wheee! Drupal 4.7.0, the new stable release of the CMS, has been released. After more than one year of development, we are now finally able to enjoy all the goodies which this new release brings.

For German speaking people we can now proudly claim to have a completed translation of the user interface, thanks to all the contributors! If you don't speak German, you can choose from one of the other 40+ translations for your site.

Read the release announcement for more information, I'm off upgrading a couple of sites now ;)

Drupal 4.5.8 / 4.6.6 / 4.7.0-beta6 fix four security issues!

New versions of Drupal are out for the 4.5.x, the 4.6.x and the 4.7.0-beta branches which fix 4 (in words: four) security issues from four different categories, namely: access control bypassing, cross-site scripting, session fixation, and mail header injection.

All the gory details are available in the release announcement and the four advisories: DRUPAL-SA-2006-001, DRUPAL-SA-2006-002, DRUPAL-SA-2006-003, and DRUPAL-SA-2006-004.

Upgrade now!

Warning: If you're using 4.5.x, the patches for DRUPAL-SA-2006-003 will not fix the security issue immediately. You have two options: a) upgrade to 4.6.6 instead of 4.5.8, or b) upgrade to PHP >= 4.3.2.

Drupal 4.7.0 beta 3 available

Just a quick note: Drupal 4.7.0 beta 3 is available now, fixing more than 100 bugs since the last beta. If you have any further issues or suggestions for 4.7 — now is the time to speak up, file bug reports, post patches etc.

I haven't had too much time for Drupal development recently, but I guess I should really start updating the poormanscron module now (finally!) and help with getting the German translation up-to-date...

Rails 1.0: Party like it's one oh oh!

Yay. Ruby on Rails 1.0 has been released 39 minutes ago. I will probably check it out for real now (although I usually use Drupal for web development work, of course).

They sure have some funny quotes on their website ;-)

“Ruby on Rails is astounding. Using it is like watching a kung-fu movie,
where a dozen bad-ass frameworks prepare to beat up the little newcomer
only to be handed their asses in a variety of imaginative ways.”
--Nathan Torkington, O'Reilly Program Chair for OSCON

(via mir.aculo.us)

Drupal 4.6.4 / 4.5.6 fixes three security issues

You might have already noticed, but I'll re-iterate nevertheless: the Drupal project has released Drupal 4.6.4 and 4.5.6 which fix three security vulnerabilities. Everyone running a Drupal site is advised to upgrade, as always.

Multiple people were mighty busy yesterday preparing, finalizing and testing the patches and advisories. I was one of them, although I was more like lurking around trying to look busy ;-) Anyways, I have sent the respective advisories (DRUPAL-SA-2005-007, DRUPAL-SA-2005-008, DRUPAL-SA-2005-009) to the "usual suspects" today: Bugtraq, Full Disclosure, and the php-sec mailing list. The advisories have already been picked up by Secunia and a bunch of other security sites...

Btw: I finally received news that my domain was transferred to my new web hoster today, which led to a short downtime. Everything should be fine now. If you notice any problems, please drop me a note.

Syndicate content