Needs work
Project:
Managing News
Version:
6.x-1.2
Component:
Code
Priority:
Normal
Category:
Task
Assigned:
Unassigned
Reporter:
Created:
31 May 2011 at 15:37 UTC
Updated:
25 Jul 2011 at 22:15 UTC
Dear all,
I have a simple question for you. I have 3 security update notification in my Managing News: one is Drupal core, and the others are Spaces and Views modules. Can I proceed normally with these updates or is there some special dependency check for Managing News?
Thank you very much,
Andrea
Comments
Comment #1
juliangb commentedSubscribe.
So far I've updated modules needing a security update manually - but it would be good to have an updated package available that doesn't ship with security flaws.
Comment #2
xurizaemonThe Managing News 1.2 package at http://www.managingnews.com/ contains versions of Drupal Core, Spaces and Views which have the following security fixes pending.
* SA-CORE-2011-001 - Drupal Core - Multiple vulnerabilities
* SA-CONTRIB-2010-111 - Views - Cross Site Scripting
* SA-CONTRIB-2011-012 - Spaces - Access bypass
There are also (currently) updates available for CTools, Features, Feeds, ImageAPI, ImageCache, jQuery UI, Libraries API, OpenLayers.
We have tested upgrade of a Managing News install via
drush pm-updateand it appears to upgrade correctly (an extradrush cc allwas required after the upgrade for us). It should be possible for you to upgrade via other standard upgrade procedures too.Will update here if any issues appear as a result of doing so.
Would be good if the release archive at the Managing News site could have the fixes applied.