OSU Web Services

An update was released to our development environment on Thursday, May 10th, 2018. Barring any security releases, this update will be pushed to our production environment on Thursday, May 17th, 2018. The following updates will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

Contributed Module Updates

• File Entity 7.x-2.21
  • Performance fix – renamed file_entitycache_file_load to file_entity_entitycache_file_load.
  • php 5.2 compatibility. Tertiarary operator syntax.
• Webform 7.x-4.17
  • More than 10 fixes. Please see project release notes for details.
• WYSIWYG 7.x-2.5
  • This update is only relevant to those sites that are still using the old editor, TinyMCE. If you would like to switch to the new CKEditor, which is a painless process that provides a far superior user experience and will be the default going forward, please submit a help ticket.
  • Verified CKEditor 4.9.2.
    • NOTE: CKEditor 4.5.11 up to 4.9.1 have security issues: https://www.drupal.org/sa-core-2018-003 (*OSU Drupal 7 currently uses a patched version of the 4.5.11 CDN that has addressed this issue.)
  • Fixed the block_formats setting for TinyMCE.

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form.

An update was released to our production environment today, Thursday, May 3rd, 2018. The following update will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

Contributed Module Updates

• None

OSU Module Updates

• OSU CKEditor 7.x-2.2
  • Icon and Button Picker Plugins now available, automatically
  • See the following instructions: http://webtech.training.oregonstate.edu/osu-drupal-7/technical-manual/working-content/text-editor/osu-ckeditor-plugins

OSU Theme Updates

• Doug Fir 7.x-4.2
  • Fixes mobile menu
  • Adds Google Analytics code for OSU analytics that will now be hardcoded and hidden

If you have questions or concerns please contact us through our contact form.

A security update was released to our production environment today, Wednesday, April 25, 2018:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• Drupal Core 7.59*
  • Remote Code Execution vulnerability

Contributed Module Updates

• File Entity 7.x-2.20
  • Required to perform Media security update
  • 10 or more fixes/improvements. Please see project’s release notes.
• Media 7.x-2.19
  •  Remote Code Execution vulnerability

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form

*Notes updated to reflect missed update item.

A security update was released to our development environment on Friday, April 20, 2018. This update will be pushed to our production environment on Friday, April 20th. The following update will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

Contributed Module Updates

• Display Suite 7.x-2.15
  • Fixed XSite Scripting vulnerability

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form.

An update was released to our development environment on Tuesday, March 20, 2018. Barring any security releases, this update will be pushed to our production environment on Thursday, March 22nd. The following updates will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

Contributed Module Updates

• Profile2 7.x-1.4
  • More than 10 updates, please see project release notes for details.

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form.

An update has been released to our development environment today, Tuesday, February 13, 2018. Barring any security releases, this update will be pushed to our production environment on Thursday, February 22nd. The following updates will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

New Modules Added

• Menu Attributes
  • This simple module allows you to specify some additional attributes for menu items such as id, name, class, style, and rel.

Contributed Module Updates

• CAS 7.x-1.7 – Fixed two bugs
  • Bad URL in reports page
  • cas_translated_menu_link_alter overrides destination query strings on menu items
• Entity 7.x-1.9
  • Improve debug output of entity metadata wrapper exceptions.
  • Notice : Undefined property: stdClass::$nid in node_access()
  • Don’t flush Entity Cache tables that aren’t created yet
  • EntityDrupalWrapper::getIterator() throws PHP error: EntityMetadataWrapperIterator::__construct() must be an array
  • Rendered entity in views header accepting arguments from URL
• File Entity 7.x-2.16
  • Token video thumbnail for metatag(open graph) module
  • Optionally Replace File Name During File Replacement
• Honeypot 7.x-1.23
  • The first 7.x release in a while! This release brings with it a special new performance-enhancing feature, namely #2820400: Add possibility to use JS on cached pages.If you’d like to enable experimental JS support (so you can use Honeypot on forms on cached pages!), go to your site’s Honeypot Configuration page, and check the “Use Javascript protection for cacheable pages. (experimental)” option. That’s all you need to do! For users with JS disabled, they will still be able to submit the form, there will just be one more page load required.
• Job Scheduler 7.x-2.0
  • First stable release based on the lack of issues in the queue
• Media 7.x-2.16
  • One change since 2.15:
    • Breaks recognition of media tags
  • New since 7.x-2.14 –
    • Need to display [[ in code
    • Edit URI for remote files
    • CKEditor Strips out Picture Tags When Inserting Images of Picture Type
    • Support recursion into subdirectories for file import

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form.

An update has been released to our production environment today, Tuesday, December 19th, 2017. Barring any security releases, this update will be pushed to our production environment on Thursday, December 28th. The following updates will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

New Modules Added

• None

Contributed Module Updates

• Domain Access 7.x-3.14
  • Default domain can now be set to a domain which is not on the current page of the admin form
  • Default domain can now be set even if it is not web-accessible
  • Domain.node.js error for anonymous users after validating now fixed
  • Provided actual example in hook_domain_source_alter()
  • Drupal.settings.domain is now defined
  • Domain.node.js error for anonymous users when display in vertical tab group corrected
  • Content published on all affiliates when a language that is not active for that affiliate corrected
• Feeds Tamper 7.x-1.2
  • Added Encoding/decoding plugin for PHP serialize, JSON and Base64
  • Fixed plugin instance ID not showing up in page title when editing or deleting that plugin instance
  • Fixed default_value in config form for ‘Format string’ tamper plugin
  • Fixed 2nd Temporary Target shows as “Missing”
  • Fixed automated testing
  • Fixed undefined index: in feeds_tamper_load_by_importer()
  • [PHP 7 Compatibility] case: feeds_tamper_default_value_callback function
• Media 7.x-2.14
  • Added media/ajax/* as administrative path
  • Fixed Fatal error: [] operator not supported for strings in media.filter.inc on line 376
  • Fixed reset of item weight while removing an item
  • Style selector now keyboard-accessible
• Media: YouTube 7.x-3.6
  • Accessibility Fix: YouTube iframe tag missing name attribute fixed
  • New Feature: Populate metadata coming from MediaInternetYouTubeHandler::oEmbed()
  • Bug Fix:  When autoplay set to OFF in the Drupal UI, the embedded URL no longer shows it as true
• Services Views 7.x-1.3
  • Follow up on Arbitrary views exposed over API security fix

OSU Module Updates

• None

OSU Theme Updates

• None

If you have questions or concerns please contact us through our contact form.

An update will be released to our development environment on Tuesday, November 14th, 2017. Barring any security releases, this update will be pushed to our production environment on Tuesday, November 21st. The following updates will be applied:

Major Version Upgrade

• None

Drupal Core Bug Fix/Security Updates

• None

New Modules Added

• None

Contributed Module Updates

• Better Exposed Filters 7.x-3.5
  • Fixed Cross Site Scripting (XSS) issues with “Enable secondary exposed form options” for users with Administer Views permissions
• Field Group 7.x-1.6
  • Fixed failing test after new ‘administer fields’ permission
  • Updated CHANGELOG.txt to 7.x-1.5 Release
  • Fixed whitespace between “&” and parameters for some functions
  • Cleaned up bad code pattern (that was picked up by security scanners) when getting hash
  • #array_parents updated in field_group_fields_nest()
  • Fixed the word “Show” that appeared in horizontal tab title if node form submitted through ajax
  • Fixed CSS that was breaking i18n string translation interface
  • Fixed “uncaught exception: Syntax error, unrecognized expression: #” after 7.x-1.4 update
  • Fixed PHP7 – Uniform Variable Syntax updates that were causing exported field_groups to not have names
• File Entity 7.x-2.12
  • Fixed Image field alt and title text that were being overridden by file_entity_alt and file_entity_title

OSU Module Updates

• Feeds Display 7.x-2.6 – Update to assist University News and Communication News Feed

OSU Theme Updates

• Doug Fir 7.x-3.8 – Updated accordion styling for Views Accordion plug-in

If you have questions or concerns please contact us through our contact form.