September 22, 2014
Hot Topics:
RSS RSS feed Download our iPhone app

Drupal Tightens Security Rules After White House Debacle

  • June 10, 2010
  • By Developer.com Staff

From now on Web sites running unfinished Drupal modules are on their own.

The Register's Gavin Clarke reported that open source Drupal "has updated the wording on its security site on how it handles security fixes to clarify it will only work on vulnerabilities in completed code of modules that comprise the CMS. The change clarifies that modules in release-candidate mode will not be supported."

Module maintainers will now be given deadlines to plug security holes. If the deadline is missed Drupal will pull the project from Drupal.org.

The change is a response to a bug found in a module that the White House used to build a plugin they released three weeks ago.

One interesting tidbit from the Register's story is that according to Clarke, Drupal is running on one billion Web sites?


View Article



Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Sitemap | Contact Us

Rocket Fuel