EBMS Tickets

Issue Number 522
Summary Apply Drupal security updates
Created 2019-08-16 17:43:40
Issue Type Improvement
Submitted By Kline, Bob (NIH/NCI) [C]
Assigned To Kline, Bob (NIH/NCI) [C]
Status Closed
Resolved 2019-08-17 13:52:19
Resolution Fixed
Path /home/bkline/backups/jira/oceebms/issue.248482
Description

We need to catch up on the following Drupal updates (about half have security patches).

Name                    Machine Name        Current    Available
Drupal                  drupal              7.63       7.67
Chaos tools             ctools              7.x-1.14   7.x-1.15
Chain Menu Access API   chain_menu_access   7.x-2.0    7.x-2.1
Organic groups          og                  7.x-1.5    7.x-2.10
Role delegation         role_delegation     7.x-1.1    7.x-1.2
Views                   views               7.x-3.20   7.x-3.23
Webform                 webform             7.x-4.19   7.2-4.20
Wysiwyg                 wysiwyg             7.x-2.5    7.x-2.6

Organic groups is the only 1.x -> 2.x upgrade, which would be a cause for concern, but it turns out that this module isn't needed by the EBMS, so we will remove it (and upgrade the others).

Comment entered 2019-08-17 13:51:53 by Kline, Bob (NIH/NCI) [C]

Somehow the og (“Organic Groups”) module got installed and enabled on three of our four EBMS tiers (whoever did it skipped QA for some reason), even though the Collaborate page for third-party modules correctly says the EBMS doesn’t need or use it. The og module was the only thing that showed up in the output from drush up -n with a 1.x to 2.x upgrade. When I looked at the possibility of just applying the upgrade as a harmless thing we don’t use, I found the instructions for the upgrade and realized just how hairy it was. However, disabling og also turned out to be much trickier than I would have expected, with obscure messages complaining that the module couldn’t be disabled, because installed fields depended on it (without naming those fields). I dug in and found the fields, used drush to delete them, and tried again to disable og. Still didn’t work. Turns out I had to run drush cron a couple of times to really delete the fields, at which point I was finally able to disable og. Have I said lately how much I _love_ Drupal? 😛

Comment entered 2019-08-17 13:52:19 by Kline, Bob (NIH/NCI) [C]

Security updates scripted and tested on DEV.
