Bringing Piwik analytics to the CALI world, one website at a time. Goes up on http://www.cali.org tomorrow.
Updates from July, 2016 Toggle Comment Threads | Keyboard Shortcuts
-
Elmer Masters
-
Elmer Masters
updated http://labs.calidev.org/CALIBooth/ for AALL 2016
-
Elmer Masters
What a dud. 3 lightly used contrib modules had security issues. We don’t use any of them. On the plus side, I’m ready to push through the latest version of Drupal to production sites.
-
Elmer Masters
A2J Drupal prepped and ready for immediate update, if necessary.
-
Elmer Masters
Getting CALI D7 git tree ready for updates this afternoon. Dev and staging are ready to go. Up next is prepping A2J and LTL.
-
Elmer Masters
Looks like tomorrow will be a fun day for Drupal admins.
> From: security-news@drupal.org
> Date: July 12, 2016 at 12:37:55 PM CDT
> To: security-news@drupal.org
> Subject: [Security-news] Drupal contrib – Highly Critical – Remote code execution PSA-2016-001
> Reply-To: noreply@drupal.org
>
> View online: https://www.drupal.org/node/2764899
>
> * Advisory ID: DRUPAL-PSA-2016-001
> * Project: Drupal contributed modules
> * Version: 7.x
> * Date: 2016-July-12
> * Security risk: 22/25 ( Highly Critical)
> AC:None/A:None/CI:All/II:All/E:Theoretical/TD:All [1]
> * Vulnerability: Arbitrary PHP code execution
>
> ——– DESCRIPTION
> ———————————————————
>
> There will be multiple releases of Drupal contributed modules on Wednesday
> July 13th 2016 16:00 UTC that will fix highly critical remote code execution
> vulnerabilities (risk scores up to 22/25 [2]). The Drupal Security Team urges
> you to reserve time for module updates at that time because exploits are
> expected to be developed within hours/days. Release announcements will appear
> at the standard announcement locations. [3]
>
> Drupal core is not affected. Not all sites will be affected. You should
> review the published advisories on July 13th 2016 to see if any modules you
> use are affected.
> ——– CONTACT AND MORE INFORMATION
> —————————————-
>
> The Drupal security team can be reached at security at drupal.org or via the
> contact form at https://www.drupal.org/contact [4].
>
> Learn more about the Drupal Security team and their policies [5], writing
> secure code for Drupal [6], and securing your site [7].
>
> Follow the Drupal Security Team on Twitter at
> https://twitter.com/drupalsecurity [8]
>
>
> [1] https://www.drupal.org/security-team/risk-levels
> [2] https://www.drupal.org/security-team/risk-levels
> [3] https://www.drupal.org/security/contrib
> [4] https://www.drupal.org/contact
> [5] https://www.drupal.org/security-team
> [6] https://www.drupal.org/writing-secure-code
> [7] https://www.drupal.org/security/secure-configuration
> [8] https://twitter.com/drupalsecurity
>
> _______________________________________________
> Security-news mailing list
> Security-news@drupal.org
> Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news -
Elmer Masters
Added Piwik to LTL and activated it on dev.learnthelaw.org.
-
Elmer Masters
Testing Piwik https://piwik.org/ for self-hosted analytics is going well. Integrates easily with Drupal, provides clear and easy to follow reports. Looking forward to a wider roll out.