Drupal Planet

The Drupal Security team has just released a public security announcement, PSA 2016-001.

There will be multiple releases of Drupal contributed modules on Wednesday July 13th 2016 16:00 UTC that will fix highly critical remote code execution vulnerabilities (risk scores up to 22/25).

If you run any Drupal sites, please be prepared, and be ready to update your site as soon as this is released.

Last week, to appropriate fanfares, Drupal 8 reached Release Candidate stage. That means Drupal 8 tagged releases now have an upgrade path between them, and it also means (very nearly) complete API / hook stability - which means this is the cue for some serious testing and development of contrib themes and modules.

However I made one schoolboy error: I was still using Drush 7.

It's actually quite an understandable mistake - all you had to do was follow the development of Drupal Next, and Drush, but not quite follow it closely enough.

Yesterday, Drupal 7.28 was released.

People rush to upgrade, knowing that there will be a tranche of bug-fixes that may resolve longstanding issues.

People hesitate to upgrade, because updating Drupal core is not as simple as we'd like.

Other times, the core update is a security release, and you can't afford to wait.

This does not need to be painful!!

Upgrading core in Drupal 7

You have probably read the official documentation on doing this.

Yesterday, the PHP group announced the first stable release of PHP 5.5. This is great news. I shall compile it very shortly so that it can optionally be used on this server. That will allow me to test my various Drupal sites against PHP 5.5, to see if there are any issues.

However the arrival of PHP 5.5 signals the imminent end of PHP 5.3. Back in December 2012, PHP announced that