url:drupal.org

Ben CC BY-NC 1/11/2014

Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003 | Drupal.org
▻https://www.drupal.org/PSA-2014-003

If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised - some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.

BBC News - Millions of websites hit by Drupal hack attack
▻http://www.bbc.com/news/technology-29846539

Drupal should no longer rely on users to apply patches, said Mr Stockley.
“Many site owners will never have received the announcement and many that did will have been asleep,” he said. “What Drupal badly needs but doesn’t have is an automatic updater that rolls out security updates by default.”

Ben CC BY-NC

_cym_ @_cym_ 1/11/2014

La solution préconisée par l’analyste Mark Stockley :
“What Drupal badly needs but doesn’t have is an automatic updater that rolls out security updates by default.”

_cym_ @_cym_
Fil @fil 1/11/2014

#SPIP aussi ? au moins sur l’écran de sécurité ?

Fil @fil
klaus++ @klaus 1/11/2014

On se rappelle ...
When The Merde Hits The Fan...
▻http://drupalradar.com/when-merde-hits-fan
How can Drupal protect its reputation when projects go wrong?
France.fr website is down
France.fr, a major showcase for France as a tourist destination, went down after just one day. It was built by an agency that seems to have no prior Drupal experience. How can Drupal protect its name when any agency can claim to be ’Drupal specialists’?

klaus++ @klaus

Écrire un commentaire