An update was released to our development environment on Tuesday, August 30th, 2016 and will be released to production sites on Tuesday, September 6th, barring any security/emergency updates. The following updates have been applied:
Major Version Upgrade
Drupal Core Bug Fix/Security Updates
New Modules Added
Contributed Module Updates
- Webform 7.x-4.14:
- This release contains two updates that have been rolled into one
- 7.x-4.13 The update of most concern for us is the one that involves conditionals. Users can now actually nest conditional statements inside of other conditional statements. This is pretty exciting, but it also opens the door for some potential confusion. We ask of anyone who is using conditionals to give their form(s) a test in their dev environment to make sure everything is working correctly.
- Additionally, there are more than ten other updates that have been introduced. For more information, see the referenced release notes.
- 7.x-4.14 was not a security release, but there were two big security improvements that were added to let users better understand the security ramifications of two existing features
- Submission results downloaded as delimited text files (e.g. CSV). Some spreadsheets interpret cell data within a delimited text file as a formula, leading to a formula injection vulnerability in the spreadsheet. Data submitted by untrusted users that may be opened by a spreadsheet should be downloaded in Microsoft Excel format rather than delimited text format. The Webform submission download page makes this clear.
- Additionally there are more than ten other updates that have been introduced. For more information, see the referenced release notes
OSU Module Updates
OSU Theme Updates
If you have questions or concerns please contact us though our contact form.
Leave a Reply