Language Selection

English French German Italian Portuguese Spanish

Drupal

Drupal Hardens Its Security in Response to Criticism

Filed under
OSS
Drupal
Security

The open-source Drupal content-management system (CMS) is talking steps to help protect against multiple potential risks that have been publicly revealed. On Jan. 6, security research vendor IOactive first disclosed the issues, which are focused on the Drupal update process. The Drupal project's security team is aware of the concerns and is fixing all the issues, though it is also downplaying the overall risk.

Read more

Drupal News

Filed under
Drupal
  • How to perform Drupal 7 integration tests with Red Test

    The spotlight is back on Drupal with the 8.0.0 release. The successful launch is a testament to the hard work put in by members of the Drupal community, but Drupal 7 still has a huge install base and likely will for many years to come. To support Drupal 7 development, let's take a look at a testing platform built exclusively for the platform. Red Test is an open source integration testing framework aimed at making life easier for Drupal developers.

  • Drupal sites at risk due to insecure update mechanism

    The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates.

    Researcher Fernando Arnaboldi from security firm IOActive noticed that Drupal will not inform administrators that an update check has failed, for example due to inability to access the update server. Instead, the back-end panel will continue to report that the CMS is up to date, even if it's not.

    This can be a problem, considering that hackers are quick to exploit vulnerabilities in popular content management systems like Drupal, WordPress or Joomla, after they appear. In one case in 2014, users had only a seven-hour window to deploy a critical Drupal patch until attackers started exploiting the vulnerability that it fixed.

5 handy Drupal modules

Filed under
Drupal

Drupal, one of the largest open source projects in the world, is a content management system and application framework that powers millions of websites, web services, and mobile applications. Individuals and organizations in every sector use Drupal for everything from simple blogs and micro-sites, to complex intranets and private internal applications, to some of the largest sites on the web, including several top 100 properties.

Read more

How open source solves the innovation problem

Filed under
OSS
Drupal

A couple of weeks ago, a Chief Digital Officer (CDO) of one of the largest mobile telecommunications companies in the world asked me how a large organization such as hers should think about organizing itself to maintain control over costs and risks while still giving their global organization the freedom to innovate.

When it comes to managing their websites and the digital customer experience, they have over 50 different platforms managed by local teams in over 50 countries around the world, she told me. Her goal is to improve operational efficiency, improve brand consistency, and set governance by standardizing on a central platform. The challenge is that they have no global IT organization that can force the different teams to re-platform.

Read more

European Commission site developers eying Drupal 8

Filed under
Drupal

The performance and scalability improvements promised by the upcoming, 8th version of Drupal are getting the attention of the Drupal website builders working for the European Commission. The open source content management system will also be able to accommodate larger sites, and will also improve delivery of turnkey web site solutions (Software As A Service, SAAS), the EC developers notice.

Read more

Drupal-based farmOS manages food, farmers, and community

Filed under
Drupal

FarmOS is a Drupal-based software project aimed at easing the day-to-day management of a farm. It allows different roles to be assigned to managers, workers, and viewers. Managers can monitor how things are going with access to the whole system, workers can use the record-keeping tools, and viewers have read-only access to, for example, certify the farm's records.

Read more

Drupal 8 Released

Filed under
Drupal

After years of development and a few delays, the open source Drupal 8 content management system (CMS) is now generally and freely available. Among the most popular and widely deployed CMS technologies in use today, Drupal counts whitehouse.gov and the Federal Communications Commission among its notable users.

Read more

Drupal Hub to spur on the growth of North East's open source development community

Filed under
OSS
Drupal

Drupal Hub will hold regular day time drop-in sessions as well as playing host to established Drupal events, thereby bringing people together to collaborate and contribute to the software.

Other plans are in place for Drupal training days, Drupal user group meets, Drupal sprints and the Drupal Academy, which provides intensive training for users of all abilities.

Read more

A chat with Drupal architect on future and community

Filed under
Interviews
Drupal

I define Drupal as our future, not only a job. We are focused on open source, and I thank Dries Buytaert for inventing Drupal. I also thank the community for showing love for Drupal.

Read more

Deep into Drupal, Cisco starts to give back to open source community

Filed under
OSS
Drupal

Cisco’s Jamal Haider acknowledged during a presentation this week that his team that works on the company’s open source-based customer support portal hasn’t given much back to the wider Drupal community yet, but he said this talk at the sold-out Acquia Engage conference in Boston is part of an effort to change that.

And why not? Cisco has plenty of reasons – more than $400 million of them, in fact – to be grateful for Drupal since migrating its Support Community portal to the open source content management system early last year. Cisco started working on project requirements in 2013 with Acquia, a SaaS provider that has commercialized Drupal offerings.

Read more

Syndicate content

More in Tux Machines

An update on GnuPG

The GNU Privacy Guard (GnuPG) is one of the fundamental tools that allows a distributed group to have trust in its communications. Werner Koch, lead developer of GnuPG, spoke about it at Kernel Recipes: what's in the new 2.2 version, when older versions will reach their end of life, and how development will proceed going forward. He also spoke at some length on the issue of best-practice key management and how GnuPG is evolving to assist. It is less than three years since attention was focused on the perilous position of GnuPG; because of systematic failure of the community to fund its development, Koch was considering packing it all in. The Snowden revelations persuaded him to keep going a little longer, then in the wake of Heartbleed there was a resurgent interest in funding the things we all rely on. Heartbleed led to the founding of the Core Infrastructure Initiative (CII). A grant from CII joined commitments from several companies and other organizations and an upsurge in community funding has put GnuPG on a more secure footing going forward. Read more

Ubuntu: GNOME, New Video, Ubuntu Podcast, Refreshing the Xubuntu Logo

  • Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails
    Ubuntu has done a good job of integrating a few plugins that improve GNOME's user experience compared to stock GNOME – most notably a modified version of the Dash-to-Dock and the App Indicator extensions, which go a long way toward making GNOME a bit more like Unity. It's worth noting that Ubuntu's fork of Dash-to-Dock lacks some features of the original, but you can uninstall the Ubuntu version in favour of the original if you prefer. In fact you can really revert to a pretty stock GNOME desktop with just a few tweaks. Canonical said it wasn't going to heavily modify GNOME and indeed it hasn't.
  • What’s New in Ubuntu 17.10 Artful Aardvark
  • Ubuntu Podcast: S10E33 – Aggressive Judicious Frame
    This week we’ve been protecting our privacy with LineageOS and playing Rust. Telegram get fined, your cloud is being used to mine BitCoin, Google announces a new privacy focused product tier, North Korea hacks a UK TV studio, a new fully branded attack vector is unveiled and Purism reach their funding goal for the Librem 5.
  • Refreshing the Xubuntu logo
    Earlier this year I worked a bit with our logo to propose a small change to it – first change to the logo in 5 years. The team approved, but for various reasons the new logo did not make it to 17.10. Now we’re ready to push it out to the world.

Intel Linux and GCC Work

  • Intel Begins Landing GFNI Support In GCC 8
    Intel compiler engineers have begun landing "GFNI" support within the GNU Compiler Collection as one of the new ISA extensions not expected until the Icelake processor debut.
  • Control-Flow Enforcement Technology Begins To Land In GCC 8
    Intel Control-flow Enforcement Technology (CET) support has begun landing within the GNU Compiler Collection (GCC) for this code safety feature. Patches have been in the works for several months while now the start of the patches are being merged to mainline. Coincidentally, at the same time Intel is also landing their GFNI instruction patches in GCC as well.
  • Intel Continues Landing New i915 DRM Features For Linux 4.15
    Jani Nikula has sent in another drm-intel-next update for David Airlie's DRM-Next tree. They continue prepping more updates to their Direct Rendering Manager (DRM) for targeting the upcoming Linux 4.15 cycle. There have already been several Intel "i915" DRM driver updates queued in DRM-Next for this new kernel version. Past pulls have included marking Coffeelake graphics as stable, continued Cannonlake "Gen 10" graphics enablement, various display improvements, and quite a lot of other low-level code improvements.

Mesa Development Updates