dcsimg
July 20, 2018
Hot Topics:

Drupal Tightens Security Rules After White House Debacle

  • June 10, 2010
  • By Developer.com Staff

From now on Web sites running unfinished Drupal modules are on their own.

The Register's Gavin Clarke reported that open source Drupal "has updated the wording on its security site on how it handles security fixes to clarify it will only work on vulnerabilities in completed code of modules that comprise the CMS. The change clarifies that modules in release-candidate mode will not be supported."

Module maintainers will now be given deadlines to plug security holes. If the deadline is missed Drupal will pull the project from Drupal.org.

The change is a response to a bug found in a module that the White House used to build a plugin they released three weeks ago.

One interesting tidbit from the Register's story is that according to Clarke, Drupal is running on one billion Web sites?


View Article



Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date