File drupal7.changes of Package drupal7

-------------------------------------------------------------------
Sat Dec 12 11:39:57 UTC 2020 - ecsos <ecsos@opensuse.org>

- Use apache-rpm-macros.
- Put apache configuration files in separat subpackages.

-------------------------------------------------------------------
Sun Dec  6 09:53:52 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 7.76

  Maintenance release of the Drupal 7 series. Includes bug fixes
  and small API/feature improvements only (no major, 
  non-backwards-compatible new functionality).

  No security fixes are included in this release.

  This is the first release to support MySQL 8.
  Please test and report any bugs in the issue queue.

  No changes have been made to the .htaccess, web.config or 
  robots.txt files in this release, so upgrading custom versions
  of those files is not necessary.

  There are multiple changes in default.settings.php - see:
  - Mysql 8 Support on Drupal 7 (commit)
  - The user module's flood control provides better logging and 
    hook_user_flood_control() (commit)
  - waiting for lock in D7's variable_initialize() is optional and
    off by default (commit)
  - D7 can use site name in From: header for system e-mails (commit)

-------------------------------------------------------------------
Sat Nov 28 09:18:36 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 7.75

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the
  security announcement:

    Drupal core - Critical - Third-party library - SA-CORE-2020-013
    (CVE-2020-28948, CVE-2020-28949)

-------------------------------------------------------------------
Fri Nov 20 15:47:20 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 7.74

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the 
  security announcement:

    Drupal core - Critical - Remote code execution - SA-CORE-2020-012
    (CVE-2020-13671)
    
- Changes from 7.73

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the
  security announcement:

    Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-007
    (CVE-2020-13666)

  No other fixes are included.

-------------------------------------------------------------------
Fri Jun 19 17:49:32 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 7.72

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the 
  security announcement:

    Drupal core - Critical - Cross-Site Request Forgery - SA-CORE-2020-004
    (Fix CVE-2020-13663)

  No other fixes are included.

- Changes from 7.71

  Maintenance release of the Drupal 7 series.
  
  Includes bug fixes and small API/feature improvements only 
  (no major, non-backwards-compatible new functionality).

  No security fixes are included in this release.
  
  This is the first release to fully support PHP 7.4.

- Changes from 7.70

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the 
  security advisories:

    Drupal core - Moderately critical - Third-party library - SA-CORE-2020-002
    (Fix CVE-2020-11022, CVE-2020-11023)
    Drupal core - Moderately Critical - Open Redirect Vulnerability - SA-CORE-2020-003
    (Fix CVE-2020-13662)
  No other fixes are included.

-------------------------------------------------------------------
Fri Mar 27 12:46:06 UTC 2020 - ecsos@opensuse.org

- Update to 7.69

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the 
  security announcement:

    Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012

  No other fixes are included.
  Important update information

    Drupal 7 includes a bundled version of the pear/archive_tar 
    project, the included version has been updated from 1.4.5 to 
    1.4.9 in order to mitigate Drupal core - Critical - Multiple 
    vulnerabilities - SA-CORE-2019-012

  No changes have been made to the .htaccess, web.config,
  robots.txt, or default settings.php files in this release, so 
  upgrading custom versions of those files is not necessary.

- Run spec-cleaner.

-------------------------------------------------------------------
Tue Dec 10 10:39:16 UTC 2019 - Arjen de Korte <suse+build@de-korte.org>

- Update to 7.68

  Maintenance release of the Drupal 7 series. Includes bug fixes
  and small API/feature improvements only (no major,
  non-backwards-compatible new functionality).
  No security fixes are included in this release.

  See: https://www.drupal.org/project/drupal/releases/7.68

- Generate drupal7 cron.hourly file in spec file to be able to
  use macro for root directory
  - drupal7-cron
- Generate apache2 configuration from .htaccess file from
  upstream
  - drupal7.conf
- Fix she-bangs throughout sources
  - drupal-7.x-scripts-noshebang.patch
  
-------------------------------------------------------------------
Thu Jul 18 11:55:36 UTC 2019 - ecsos@opensuse.org

- Update to 7.67:

  This is a hotfix release for a regression affecting some Drush 
  installations that was introduced by the fix for SA-CORE-2019-007.
  No other fixes are included.

  See: https://www.drupal.org/project/drupal/releases/7.67

- Changes from 7.66:

  This is a hotfix release for a regression affecting some Drush 
  installations that was introduced by the fix for SA-CORE-2019-006.
  No other fixes are included.

  See: https://www.drupal.org/project/drupal/releases/7.66

- Changes from 7.65:

  This is a hotfix release for a regression affecting some Drush 
  installations that was introduced by the fix for SA-CORE-2019-004.
  No other fixes are included.

  See: https://www.drupal.org/project/drupal/releases/7.65

- Changes from 7.64:

  Maintenance release of the Drupal 7 series.

  See: https://www.drupal.org/project/drupal/releases/7.64

-------------------------------------------------------------------
Thu Jan 17 10:22:37 UTC 2019 - ecsos@opensuse.org

- Update to 7.63:

  This is a hotfix release for a regression affecting some Drush 
  installations that was introduced by the fix for SA-CORE-2019-002. 
  No other fixes are included.
  
  See: https://www.drupal.org/project/drupal/releases/7.63


- Changes from to 7.62:

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. Sites are urged to 
  upgrade immediately after reading the notes below and the 
  security announcement:
  - Drupal Core - Third-party libraries - SA-CORE-2019-001
  - Drupal Core - Arbitrary PHP code execution - SA-CORE-2019-002

  See: https://www.drupal.org/project/drupal/releases/7.62

- Changes from 7.61:
  
  Maintenance release of the Drupal 7 series. 
  
  Includes bug fixes and small API/feature improvements only 
  (no major, non-backwards-compatible new functionality).

  See: https://www.drupal.org/project/drupal/releases/7.61

-------------------------------------------------------------------
Fri Oct 19 06:48:43 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Update to 7.60:
  * Fixed security issues. See SA-CORE-2018-006 for details.
- Make use of %license macro

-------------------------------------------------------------------
Fri Apr 27 05:43:34 UTC 2018 - ecsos@opensuse.org

- update to 7.59

  Maintenance and security release of the Drupal 7 series.

  This release fixes highly critical security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes 
  below and the security announcement:

  Drupal core - Highly Critical - Remote Code Execution - SA-CORE-2018-004

-------------------------------------------------------------------
Thu Mar 29 08:28:17 UTC 2018 - kbabioch@suse.com

- update to 7.58
  
  Maintenance and security release
  
  This release fixes highly critical security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes 
  below and the security announcement:

    Drupal core - Highly Critical - Remote Code Execution 
    - SA-CORE-2018-002
  
  See: https://www.drupal.org/project/drupal/releases/7.58
  
- Fixes CVE-2018-7600: Remote code execution vulnerability exists within
  multiple subsystems. This potentially allows attackers to exploit multiple
  attack vectors on a Drupal site, which could result in the site being
  completely compromised. 

-------------------------------------------------------------------
Thu Mar  8 07:57:10 UTC 2018 - ecsos@opensuse.org

- update to 7.57
  
  Maintenance and security release
  
  This release fixes security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes 
  below and the security announcement:
  Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2018-001

  See: https://www.drupal.org/project/drupal/releases/7.57

- fixes [boo#1084292], CVE-2017-6927, CVE-2017-6928, CVE-2017-6929, CVE-2017-6932

-------------------------------------------------------------------
Fri Jun 23 06:40:05 UTC 2017 - ecsos@opensuse.org

- Update to 7.56
  
  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes below and the security announcement:
  
  See: https://www.drupal.org/project/drupal/releases/7.56
  
- Update to 7.55
  
  Maintenance release of the Drupal 7 series. 
  Includes a variety of improvements and bug fixes (no major, non-backwards-compatible new functionality).
  
  See: https://www.drupal.org/project/drupal/releases/7.55

-------------------------------------------------------------------
Tue Mar 14 08:46:27 UTC 2017 - ecsos@opensuse.org

- Update to 7.54

  Maintenance release of the Drupal 7 series. Includes a variety of improvements and bug fixes 
  (no major, non-backwards-compatible new functionality).

  No security fixes are included in this release.
  
  See: https://www.drupal.org/project/drupal/releases/7.54

- Update to 7.53

  Maintenance release of the Drupal 7 series.

  This release includes a single bug fix to address a regression with drag-and-drop behavior that was introduced 
  in Drupal 7.51 (and persisted in Drupal 7.52) for certain web browsers and certain jQuery versions.

  No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, 
  so upgrading custom versions of those files is not necessary.

  See: https://www.drupal.org/project/drupal/releases/7.53

- Update to 7.52

  Maintenance and security release of the Drupal 7 series.
  
  This release fixes security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes below and the security announcement:

  See: https://www.drupal.org/project/drupal/releases/7.52

- Update to 7.51

  Maintenance release of the Drupal 7 series. 
  Includes a variety of improvements and bug fixes (no major, non-backwards-compatible new functionality).

  No security fixes are included in this release.

  See: https://www.drupal.org/project/drupal/releases/7.51

-------------------------------------------------------------------
Mon Mar 13 17:01:23 UTC 2017 - aj@ajaissle.de

- Include README.SUSE in %doc
- Minor spec cleanup

-------------------------------------------------------------------
Thu Jul 14 15:10:14 UTC 2016 - ecsos@opensuse.org

- Update to 7.50
  
  Maintenance release of the Drupal 7 series. 
  Includes a variety of new features, improvements, and bug fixes (no major, non-backwards-compatible new functionality).

  No security fixes are included in this release.
  
  See: https://www.drupal.org/project/drupal/releases/7.50
  
- Update to 7.44
  
  Maintenance and security release of the Drupal 7 series.
  
  This release fixes security vulnerabilities. 
  
  Sites are urged to upgrade immediately after reading the notes below and the security announcement:
  Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-002
  
  See: https://www.drupal.org/project/drupal/releases/7.44
  
-------------------------------------------------------------------
Thu Feb 25 16:57:36 UTC 2016 - ecsos@opensuse.org

- Update to 7.43
  
  This release fixes security vulnerabilities.
  Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-001
  
- Update to 7.42
  
  Maintenance release of the Drupal 7 series. 
  Includes bug fixes and small API/feature improvements only (no major, non-backwards-compatible new functionality).

  No security fixes are included in this release.

  No changes have been made to the robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.

  There is one change to the .htaccess and web.config files in this release

-------------------------------------------------------------------
Mon Oct 26 09:46:37 UTC 2015 - aj@ajaissle.de

- Update to 7.41

  This release fixes security vulnerabilities.
  Drupal Core - Overlay - Less Critical - Open Redirect - SA-CORE-2015-004
  No other fixes are included.

- Update to 7.40
  Maintenance release of the Drupal 7 series.
  Includes bug fixes and small API/feature improvements only (no major new functionality); major, non-backwards-compatible new features are only being added to the forthcoming Drupal 8.0 release.

  No security fixes are included in this release.

  No changes have been made to the web.config or robots.txt files in this release, so upgrading custom versions of those files is not necessary.

  There is one change to the .htaccess file in this release.

  There are two changes to the default settings.php file in this release.

- Updated drupal7.conf
- Updated drupal-7.x-scripts-noshebang.patch

-------------------------------------------------------------------
Sat Aug 22 23:39:12 UTC 2015 - aj@ajaissle.de

- Update to 7.39

  This release fixes security vulnerabilities.
  Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003
  No other fixes are included.

-------------------------------------------------------------------
Thu Jun 18 10:25:34 UTC 2015 - ecsos@opensuse.org

- Update to 7.38
  This release fixes security vulnerabilities. 
  Sites are urged to upgrade immediately after reading the notes 
  below and the security announcement:
  Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-002
  No other fixes are included.

-------------------------------------------------------------------
Sat May 16 10:24:47 UTC 2015 - aj@ajaissle.de

- Update to 7.37

Maintenance release of the Drupal 7 series. Includes bug fixes and small API/feature improvements only (no major new functionality); major, non-backwards-compatible new features are only being added to the forthcoming Drupal 8.0 release.

No security fixes are included in this release.

No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.

-------------------------------------------------------------------
Sun Apr  5 21:01:23 UTC 2015 - aj@ajaissle.de

- Update to 7.36

Maintenance release of the Drupal 7 series. Includes bug fixes and small API/feature improvements only (no major new functionality); major, non-backwards-compatible new features are only being added to the forthcoming Drupal 8.0 release.

No security fixes are included in this release.

- Don't remove shebang from drupal.sh

-------------------------------------------------------------------
Fri Mar 27 10:14:09 UTC 2015 - aj@ajaissle.de

- update to 7.35

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

    Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001

- fixes [boo#924645], CVE-2015-2559, CVE-2015-2749, CVE-2015-2750

-------------------------------------------------------------------
Thu Nov 20 12:00:03 UTC 2014 - aj@ajaissle.de

- update to 7.34

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

    Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2014-006

-------------------------------------------------------------------
Tue Nov 11 09:37:45 UTC 2014 - aj@ajaissle.de

- update to 7.33

Major changes since 7.32:

  * Added an entity_view_mode_prepare() API function to allow entity-defining modules to properly invoke hook_entity_view_mode_alter(), and used it throughout Drupal core to fix bugs with the invocation of that hook (API change: https://www.drupal.org/node/2369141).
  * Added a "theme_hook_original" variable to templates and theme functions and an optional sitewide theme debug mode, to provide contextual information in the page's HTML to theme developers. The theme debug mode is based on the one used with Twig in Drupal 8 and can be accessed by setting the "theme_debug" variable to TRUE (API addition).
  * Began storing the file modification time of each module and theme in the {system} database table so that contributed modules can use it to identify recently changed modules and themes (minor data structure change to the return value of system_get_info() and other related functions).
  * Added a "Did you mean?" feature to the run-tests.sh script for running automated tests from the command line, to help developers who are attempting to run a particular test class or group.
  * Changed the date format used in various HTTP headers output by Drupal core from RFC 1123 format to RFC 7231 format.
  * Added a "block_cache_bypass_node_grants" variable to allow sites which have node access modules enabled to use the block cache if desired (API addition).
  * Made image derivative generation HTTP requests return a 404 error (rather than a 500 error) when the source image does not exist.
  * Fixed a bug which caused user pictures to be removed from the user object after saving, and resulted in data loss if the user account was subsequently re-saved.
  * Fixed a bug in which field_has_data() did not return TRUE for fields that only had data in older entity revisions, leading to loss of the field's data when the field configuration was edited.
  * Fixed a bug which caused the Ajax progress throbber to appear misaligned in many situatons (minor styling change).
  * Prevented the Bartik theme from lower-casing the "Permalink" link on comments, for improved multilingual support (minor UI change).
  * Added a "preferred_menu_links" tag to the database query that is used by menu_link_get_preferred() to find the preferred menu link for a given path, to make it easier to alter.
  * Increased the maximum allowed length of block titles to 255 characters (database schema change to the {block} table).
  * Removed the Field module's field_modules_uninstalled() function, since it did not do anything when it was invoked.
  * Security improvement: Made the database API's orderBy() method sanitize the sort direction ("ASC" or "DESC") for queries built with db_select(), so that calling code does not have to.
  * Changed the RDF module to consistently output RDF metadata for nodes and comments near where the node is rendered in the HTML (minor markup and data structure change).
  * Added an HTML class to RDFa metatags throughout Drupal to prevent them from accidentally affecting the site appearance (minor markup change).
  * Fixed a bug in the Unicode requirements check which prevented installing Drupal on PHP 5.6.
  * Fixed a bug which caused drupal_get_bootstrap_phase() to abort the bootstrap when called early in the page request.
  * Renamed the "Search result" view mode to "Search result highlighting input" to better reflect how it is used (UI change).
  * Improved database queries generated by EntityFieldQuery in the case where delta or language condition groups are used, to reduce the number of INNER JOINs (this is a minor data structure change affecting code which implements hook_query_alter() on these queries).
  * Removed special-case behavior for file uploads which allowed user #1 to bypass maximum file size and user quota limits.

-------------------------------------------------------------------
Thu Oct 16 19:52:13 UTC 2014 - aj@ajaissle.de

- update to 7.32

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

    SA-CORE-2014-005 - Drupal core - SQL injection

No other fixes are included.

-------------------------------------------------------------------
Thu Aug  7 17:46:42 UTC 2014 - aj@ajaissle.de

- update to 7.31

This release fixes security vulnerabilities. Sites are urged to
upgrade immediately after reading the notes below and the security
announcement:

    SA-CORE-2014-004 - Drupal core - Denial of service

No other fixes are included.

-------------------------------------------------------------------
Fri Jul 25 10:41:49 UTC 2014 - aj@ajaissle.de

- update to 7.30

Major changes since 7.29:

- Fixed a regression introduced in Drupal 7.29 that caused files or
  images attached to taxonomy terms to be deleted when the taxonomy
  term was edited and resaved (and other related bugs with 
  contributed and custom modules; see this issue or the Drupal 7.29
  release notes for more details).
- Added a warning on the permissions page to recommend restricting
  access to the "View site reports" permission to trusted
  administrators. See DRUPAL-PSA-2014-002.

-------------------------------------------------------------------
Wed Jul 16 23:14:54 UTC 2014 - aj@ajaissle.de

- update to 7.29

Major changes since 7.28:
- As of this release, the Drupal form API will automatically 
  sanitize option group labels in select elements. Developers who 
  have implemented forms containing select elements with option 
  groups and who have sanitized the option group labels on their 
  own might therefore find that the labels are double-escaped after
  this release. The solution is to remove the secondary sanitizing 
  and to rely on the sanitizing providing by Drupal core (similar 
  to other form labels, such as those on individual select element 
  options, which were already sanitized by Drupal core previously).

Major changes since 7.27:
- see https://www.drupal.org/drupal-7.28-release-notes

Major changes since 7.26:
- see https://www.drupal.org/drupal-7.27-release-notes

-------------------------------------------------------------------
Mon Feb 24 11:44:07 UTC 2014 - lars@linux-schulserver.de

- rename the package to drupal7 to allow parallel installations 
  and maintenance for distributions with old PHP versions
- fix requirements for php modules to allow other modules to be
  installed that provide the same functionality
- adapt README.SUSE to latest changes

-------------------------------------------------------------------
Mon Feb 17 00:18:19 UTC 2014 - ecsos@opensuse.org

- change wrong owner from sites-dirs 

-------------------------------------------------------------------
Sun Feb 16 19:32:01 UTC 2014 - ecsos@opensuse.org

- fix some errors in spec 

-------------------------------------------------------------------
Sun Feb 16 15:23:04 UTC 2014 - ecsos@opensuse.org

- update to 7.26 

-------------------------------------------------------------------
Tue Aug 11 18:17:29 UTC 2009 - claes.backstrom@fsfe.org

- New security upstream release 6.13

-------------------------------------------------------------------
Mon May 18 19:45:13 CEST 2009 - claes.backstrom@fsfe.org

- New security upstream release 6.12

-------------------------------------------------------------------
Sun Apr 12 12:38:19 CEST 2009 - claes.backstrom@fsfe.org

- New upstream release 6.10

-------------------------------------------------------------------
Sat Nov  1 20:08:20 CET 2008 - claes.backstrom@fsfe.org

- New upstream release 6.6

-------------------------------------------------------------------
Thu Oct 16 00:15:50 CEST 2008 - claes.backstrom@fsfe.org

- Added notes to README and drupal.conf re CVE-2008-3661

-------------------------------------------------------------------
Tue Aug 26 14:30:59 CEST 2008 - claes.backstrom@fsfe.org

- New upstream security release 6.4

-------------------------------------------------------------------
Sun Aug 10 14:41:05 CEST 2008 - claes.backstrom@fsfe.org

- New upstream security release 6.3

-------------------------------------------------------------------
Wed Jul  9 08:20:06 CEST 2008 - claes.backstrom@fsfe.org

- New upstream version 6.2

-------------------------------------------------------------------
Wed Apr  9 22:03:35 CEST 2008 - claes.backstrom@fsfe.org

- New upstream version (6.1)
- Updated noshebang patch

-------------------------------------------------------------------
Thu Feb 14 16:00:56 CET 2008 - claes.backstrom@fsfe.org

- Added files directory to upload files (by public demand).

-------------------------------------------------------------------
Wed Jan 30 16:04:59 CET 2008 - claes.backstrom@fsfe.org

- New upstream security release (5.7)

-------------------------------------------------------------------
Sun Dec 16 14:32:07 CET 2007 - claes.backstrom@fsfe.org

- Added cron script and patch to remove shebang from scripts
- Removed dependency of php5-mysql and include a README about the DB access
- New upstream security release (5.6)
	
-------------------------------------------------------------------
Sat Dec 15 13:50:15 CET 2007 - claes.backstrom@fsfe.org

- Initial package

openSUSE Build Service is sponsored by