Monthly Archives: December 2012

Drupal 7.18 & 6.27 Now Available

Drupal 7.18 and 6.27 maintenance releases which contain fixes for security vulnerabilities are now available.

Drupal Hosting

Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases.


Drupal 7.18 is a security release only. For more details, see the 7.18 release notes. A complete list of all bug fixes in the stable 7.x branch can be found in the git commit log.

Drupal 6.27 is a security release only. For more details, see the 6.27 release notes. A complete list of all bug fixes in the stable 6.x branch can be found in the git commit log.

Security vulnerabilities

Drupal 7.18 and 6.27 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:

To fix the security problem, please upgrade to either Drupal 7.18 or Drupal 6.27.

SMF 2.0.3 & 1.1.17 Security Patch Released

Simple Machines Forum project has released SMF 1.1.17 and SMF 2.0.3 security patches for the SMF community.

SMF Hosting

A security issue has been identified in all versions and is fixed with this patch, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe.

Additionally, another security issue a few bug fixes to SMF 2.0.2 are also included within the patch for 2.0.x.

The most relevant bug fix is an issue that will arise in few months with PayPal: starting on February 1, 2013 PayPal will only accept headers which comply with the HTTP 1.1 specification.

If you are running 2.0.2, you can update your forum to 2.0.3 using the package manager. You should see the upgrade notification in the Admin panel and in the package manager, allowing you to download and install seamlessly. If you don’t have a notification about the update, please run the scheduled task “Fetch Simple Machines files”.
You can also download the patch for 2.0.2 from the customize site: smf_patch_2.0.3.tar.gz patch, and install it using the package manager.

If you are running 1.1.16, you can update to 1.1.17 with the smf_patch_1.0.23_1.1.17.tar.gz patch, also using the package manager.

Please find the changelog for the latest release as usual, on the downloads page:

WordPress 3.5 Now Available

WordPress 3.5 is is now available for download or update within your WordPress dashboard.

WordPress Hosting

If you’ve been around WordPress a while, the most dramatic new change you’ll notice is a completely re-imagined flow for uploading photos and creating galleries.

WordPress version 3.5 includes a new default theme, Twenty Twelve, which has a very clean mobile-first responsive design and works fantastic as a base for a CMS site.

Finally the WordPress team spent a lot of time refreshing the styles of the dashboard, updating everything to be Retina-ready with beautiful high resolution graphics, a new color picker, and streamlining a couple of fewer-used sections of the admin.

For Developers

You can now put your (or anyone’s) username on the plugins page and see your favorite tagged ones, to make it easy to install them again when setting up a new site. There’s a new Tumblr importer. New installs no longer show the links manager. Finally for multisite developers switch_to_blog() is way faster and you can now install MS in a sub-directory. The Underscore and Backbone JavaScript libraries are now available. The Codex has a pretty good summary of the developer features above and beyond this, and you can always grab a warm beverage and explore Trac directly.