Language Selection

English French German Italian Portuguese Spanish

Drupal

Drupal Hardens Its Security in Response to Criticism

Filed under
OSS
Drupal
Security

The open-source Drupal content-management system (CMS) is talking steps to help protect against multiple potential risks that have been publicly revealed. On Jan. 6, security research vendor IOactive first disclosed the issues, which are focused on the Drupal update process. The Drupal project's security team is aware of the concerns and is fixing all the issues, though it is also downplaying the overall risk.

Read more

Drupal News

Filed under
Drupal
  • How to perform Drupal 7 integration tests with Red Test

    The spotlight is back on Drupal with the 8.0.0 release. The successful launch is a testament to the hard work put in by members of the Drupal community, but Drupal 7 still has a huge install base and likely will for many years to come. To support Drupal 7 development, let's take a look at a testing platform built exclusively for the platform. Red Test is an open source integration testing framework aimed at making life easier for Drupal developers.

  • Drupal sites at risk due to insecure update mechanism

    The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates.

    Researcher Fernando Arnaboldi from security firm IOActive noticed that Drupal will not inform administrators that an update check has failed, for example due to inability to access the update server. Instead, the back-end panel will continue to report that the CMS is up to date, even if it's not.

    This can be a problem, considering that hackers are quick to exploit vulnerabilities in popular content management systems like Drupal, WordPress or Joomla, after they appear. In one case in 2014, users had only a seven-hour window to deploy a critical Drupal patch until attackers started exploiting the vulnerability that it fixed.

5 handy Drupal modules

Filed under
Drupal

Drupal, one of the largest open source projects in the world, is a content management system and application framework that powers millions of websites, web services, and mobile applications. Individuals and organizations in every sector use Drupal for everything from simple blogs and micro-sites, to complex intranets and private internal applications, to some of the largest sites on the web, including several top 100 properties.

Read more

How open source solves the innovation problem

Filed under
OSS
Drupal

A couple of weeks ago, a Chief Digital Officer (CDO) of one of the largest mobile telecommunications companies in the world asked me how a large organization such as hers should think about organizing itself to maintain control over costs and risks while still giving their global organization the freedom to innovate.

When it comes to managing their websites and the digital customer experience, they have over 50 different platforms managed by local teams in over 50 countries around the world, she told me. Her goal is to improve operational efficiency, improve brand consistency, and set governance by standardizing on a central platform. The challenge is that they have no global IT organization that can force the different teams to re-platform.

Read more

European Commission site developers eying Drupal 8

Filed under
Drupal

The performance and scalability improvements promised by the upcoming, 8th version of Drupal are getting the attention of the Drupal website builders working for the European Commission. The open source content management system will also be able to accommodate larger sites, and will also improve delivery of turnkey web site solutions (Software As A Service, SAAS), the EC developers notice.

Read more

Drupal-based farmOS manages food, farmers, and community

Filed under
Drupal

FarmOS is a Drupal-based software project aimed at easing the day-to-day management of a farm. It allows different roles to be assigned to managers, workers, and viewers. Managers can monitor how things are going with access to the whole system, workers can use the record-keeping tools, and viewers have read-only access to, for example, certify the farm's records.

Read more

Drupal 8 Released

Filed under
Drupal

After years of development and a few delays, the open source Drupal 8 content management system (CMS) is now generally and freely available. Among the most popular and widely deployed CMS technologies in use today, Drupal counts whitehouse.gov and the Federal Communications Commission among its notable users.

Read more

Drupal Hub to spur on the growth of North East's open source development community

Filed under
OSS
Drupal

Drupal Hub will hold regular day time drop-in sessions as well as playing host to established Drupal events, thereby bringing people together to collaborate and contribute to the software.

Other plans are in place for Drupal training days, Drupal user group meets, Drupal sprints and the Drupal Academy, which provides intensive training for users of all abilities.

Read more

A chat with Drupal architect on future and community

Filed under
Interviews
Drupal

I define Drupal as our future, not only a job. We are focused on open source, and I thank Dries Buytaert for inventing Drupal. I also thank the community for showing love for Drupal.

Read more

Deep into Drupal, Cisco starts to give back to open source community

Filed under
OSS
Drupal

Cisco’s Jamal Haider acknowledged during a presentation this week that his team that works on the company’s open source-based customer support portal hasn’t given much back to the wider Drupal community yet, but he said this talk at the sold-out Acquia Engage conference in Boston is part of an effort to change that.

And why not? Cisco has plenty of reasons – more than $400 million of them, in fact – to be grateful for Drupal since migrating its Support Community portal to the open source content management system early last year. Cisco started working on project requirements in 2013 with Acquia, a SaaS provider that has commercialized Drupal offerings.

Read more

Syndicate content

More in Tux Machines

Programming: Swift, Brilliant Jerks in Engineering, and Career Path for Software Developers

  • Swift code will run on Google's Fuchsia OS
    A few days ago, there was a flash-in-the-pan controversy over Google "forking" Apple's open-source programming language Swift. After a few minutes of speculation over whether Google was going to make its own special flavor of the language for its own purposes, Swift's creator Chris Lattner (who now works at Google) helpfully clarified the situation:
  • Brilliant Jerks in Engineering
    This are numerous articles and opinions on the topic, including Brilliant Jerks Cost More Than They Are Worth, and It's Better to Avoid a Toxic Employee than Hire a Superstar. My colleague Justin Becker is also giving a talk at QConSF 2017 on the topic: Am I a Brilliant Jerk?. It may help to clarify that "brilliant jerk" can mean different things to different people. To illustrate, I'll describe two types of brilliant jerks: the selfless and the selfish, and their behavior in detail. I'll then describe the damage caused by these jerks, and ways to deal with them. The following are fictional characters. These are not two actual engineers, but are collections of related traits to help examine this behavior beyond the simple "no asshole rule." These are engineers who by default act like jerks, not engineers who sometimes act that way.
  • [Older] The missing career path for software developers
    You started hacking on technology thrilled with every stroke of the key, making discoveries with every commit. You went about solving problems, finding new challenges. You were happy for a while, until you hit a plateau. There was a choice to be made. Continue solving the same problems or start managing others. You tried it out, and hated it. Longing to focus on technology, not people, you turned to your open source project. When it became successful, you became an open source maintainer but ended up overwhelmed and burned out. Hoping to get back to doing work that fascinates you, you went work for yourself. Lacking experience running a business, you're crushed with all the decisions you need to make. You’re nearing burnout — again. It feels like you’re on a hamster wheel.

Mastodon is Free Software, But It Does Not Respect Free Speech

Mastodon was always known to be tough on Nazis; it was known that they were strict on free speech only to a degree. After the treatment that I received yesterday, however, I can no longer recommend Mastodon. It may be Free software, but it’s very weak on free speech. Read more

today's howtos

Mesa 17.3 RC5 and Early Stages of Linux 4.15

  • mesa 17.3.0-rc5
    The fifth release candidate for Mesa 17.3.0 is now available. This is the last planned release candidate before the final release. We still have a couple of regressions in our tracker [1] although I'm anticipating for those to be resolved by EOW.
  • Mesa 17.3-RC5 Released, Official Mesa 3D Update Expected By Next Week
    The Mesa 17.3 release game is in overtime but it should be wrapping up in the days ahead. Emil Velikov of Collabora announced the Mesa 17.3-RC5 release candidate this morning. He anticipates it being the last release candidate, but there still are a few blocker bugs open. As of writing there still are 4 bugs open with one pertaining to Gallium3D Softpipe and the others being Intel driver issues.
  • Extra KVM Changes For Linux 4.15 Bring UMIP Support, AMD SEV Changes Delayed
    As some additional work past the KVM changes for Linux 4.15 submitted last week, a few more feature items have been queued. The second batch of Kernel-based Virtual Machine (KVM) updates sent in today for Linux 4.15 include ARM GICv4 support, x86 bug fixes, the AMD VFIO NFT performance fix, and x86 guest UMIP support. Landing already with Linux 4.15 is Intel UMIP capabilities for User-Mode Instruction Prevention to prevent certain instructions from being executed if the ring level is greater than zero. This latest KVM pull update adds this UMIP support to its space for both real and emulated guests.
  • AMD EPYC Is Running Well On Linux 4.15
    Of the many changes coming for Linux 4.15, as detailed this weekend Radeon GPU and AMD CPU customers have a lot to be thankful for with this new kernel update currently in development. Here are some initial benchmarks of the Linux 4.15 development kernel using an AMD EPYC 7601 32-core / 64-thread setup. When it comes to EPYC in Linux 4.15, the kernel side-bits have landed for Secure Encrypted Virtualization (SEV), CPU temperature monitoring support now working, and improved NUMA node balancing.