ニュースアグリゲータ

Linkit media file direct

drupal.org - 新着モジュール - 2017-03-16 (木) 16:06

Provides a new substitution type for Linkit that will automatically
output a direct download link for the media if its a single file, and
link to the media page if there are multiple files attached to the
media entity.

Smart Content

drupal.org - 新着モジュール - 2017-03-16 (木) 05:47

Personalization for blocks, view modes and more. In heavy development, more details soon to follow.

Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-001

Drupal 8.2.7, a maintenance release which contains fixes for security vulnerabilities, is now available for download.

Download Drupal 8.2.7

Update your existing Drupal 8 sites is strongly recommended. There are no new features nor non-security-related bug fixes in this release. See the 8.2.7 release notes for details on important changes and known issues affecting this release. Read on for details of the security vulnerabilities that were fixed in this release.

  • Advisory ID: DRUPAL-SA-CORE-2017-001
  • Project: Drupal core
  • Version: 8.x
  • Date: 2017-March-15
Description Editor module incorrectly checks access to inline private files - Drupal 8 - Access Bypass - Critical - CVE-2017-6377

When adding a private file via a configured text editor (like CKEditor), the editor will not correctly check access for the file being attached, resulting in an access bypass.

Some admin paths were not protected with a CSRF token - Drupal 8 - Cross Site Request Forgery - Moderately Critical - CVE-2017-6379

Some administrative paths did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID.

Remote code execution - Drupal 8 - Remote code execution - Moderately Critical - CVE-2017-6381

A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution.

This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed.

You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren’t vulnerable, you can remove the /vendor/phpunit directory from the site root of your production deployments.

Solution

Update to Drupal 8.2.7

Reported by Editor module incorrectly checks access to inline private files - Drupal 8 - Access Bypass - Critical - CVE-2017-6377 Some admin paths were not protected with a CSRF token - Drupal 8 - Cross Site Request Forgery - Moderately Critical - CVE-2017-6379 Remote code execution - Drupal 8 - Remote code execution - Moderately Critical - CVE-2017-6381 Fixed by Editor module incorrectly checks access to inline private files - Drupal 8 - Access Bypass - Critical - CVE-2017-6377 Some admin paths were not protected with a CSRF token - Drupal 8 - Cross Site Request Forgery - Moderately Critical - CVE-2017-6379 Remote code execution - Drupal 8 - Remote code execution -Moderately Critical - CVE-2017-6381 Updates

Updated the above text to link to the correct update directions.

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Epsilon Connector

drupal.org - 新着モジュール - 2017-03-15 (水) 23:19

This module is responsible for integrating the current site to the DREAM real-time messaging service, called Epsilon. The main purpose is the code modularization. In other words, the e-mail integration will not only depend on the current site.

Get Started

To get started, you need to contact the DREAM team, requesting the Epsilon integration data for the current site.

Transfer user content

drupal.org - 新着モジュール - 2017-03-15 (水) 20:24

Adds a user tab to assign a users content to another user.

Useful if you want to make an editor not an editor any more, but the new editor should get the author rights to the content of the "previous" editor.

Webform LinkedIn Tokens

drupal.org - 新着モジュール - 2017-03-15 (水) 17:20
General information

This is a light weight module and an extension for the Webform module, to populate web form fields with user profile data from LinkedIn through tokens.

Address Map Link

drupal.org - 新着モジュール - 2017-03-15 (水) 13:14

Provides functionality for displaying Address fields as links to a mapping site.

Uniclass 2015

drupal.org - 新着モジュール - 2017-03-15 (水) 09:58

Uniclass 2015 is a unified classification for the UK industry covering all construction sectors. This module brings Uniclass 2015 classification to Drupal 8.

Panelized Entity

drupal.org - 新着モジュール - 2017-03-15 (水) 07:31

Creates a panelized entity which can be embedded on non-panelized pages allowing a small level of customization without effecting the entire page.

Requirements

jsTree menu

drupal.org - 新着モジュール - 2017-03-15 (水) 03:13

This module allows you to render all your menus with jsTree library via blocks.

Once you have the module enabled you will have a new block for every menu you have on your Drupal site. This blocks will render its menu with jsTree. All blocks of this module have a name of style "jsTree menu: MENU_NAME".

You can switch between "default" and "proton" themes via admin form.

Help Text Toggle

drupal.org - 新着モジュール - 2017-03-15 (水) 00:40

Adds a Font Awesome icon to fields with a description that allows users to toggle the display of the description.

Configuration -> /admin/help_text/settings

Current config options:
- Font Awesome Icon
- Icon Size
- Icon Title Text
- Icon Alt Text
- Apply Only to Node Forms

Dependencies

Acquia GeoIP Country variation

drupal.org - 新着モジュール - 2017-03-14 (火) 23:09

This is a tiny module for Acquia clients that have GeoIP support installed on their load balancers. It changes Drupal's Vary response header to include the X-Geo-Country header. The effect of this is that the visitors of your site will get cached responses for only the country they are visiting from.

Radix Full-Width

drupal.org - 新着モジュール - 2017-03-14 (火) 22:55

Provides Panels full-width style, layouts, and related utilities for use in a Panopoly site (or Panopoly-based distribution), making it easier to build modern full-width landing pages.

Currently includes support for "full width" style plugins, layouts and themes, where a region style can span the full width of the page.

Druppio Small Business

drupal.org - 新着テーマ - 2017-03-14 (火) 17:19
IMPORTANT

************************************
If you want to try whole experience of Small Business Theme we suggest that you download our distribution (Drupal + Small Business Theme). This way you will get all the demo content and fully working website.

DOWNLOAD DISTRIBUTION HERE

************************************

Druppio Small Business is theme for small business, personal portfolio etc.

Our vision was to present clear and simple first impression about business in one image.

Technology

Small Business theme is written in SASS, compiled by GULP and use BrowserSync for development environment. For grid system we use susy and breakpoint.
Advance users can use it like this or simply rewrite the CSS files directly. If you are junior user you have a text field in theme admin where you can just add your css styles and it will be applied to theme.

You have detailed description of development environment in readme.txt file.

Features
  • Documentation included
  • Browser compatibility
  • Drupal 8 version
  • Web Technology HTML5/CSS 3
  • Fully responsive
  • Easy setup
  • Distribution download
Distribution

You can simply download per-configured distribution (with Small Business theme) and everything will be set for you. The whole website with modules, views, blocks, theme and test content.

You can download the distribution here.

Everything you see in demo page on this site, will be seen when you download this distribution 1:1.

Support

If you have any question feel free to contact us.

testmodule123

drupal.org - 新着モジュール - 2017-03-14 (火) 16:56

test upload module

UiT

drupal.org - 新着モジュール - 2017-03-14 (火) 01:35

The UiT module adds an agenda of culture-related activities on your website, based on data coming from UiTdatabank.

oLogin

drupal.org - 新着モジュール - 2017-03-13 (月) 10:44

oLogin is an All-in-one thrid-party login solution, site builders and developers can integrate social media account login ability to their drupal sites.

By default, oLogin integrate WeChat(WeiXin) QRCode login ability to Drupal, by add other add-ons, users can use other social media accounts to login Drupal.

MDBootstrap

drupal.org - 新着テーマ - 2017-03-13 (月) 00:30

Verti

drupal.org - 新着テーマ - 2017-03-12 (日) 01:40

Verti is a responsive theme for Drupal8, templated by HTML5 UP and drupalized by SeASerWeb.

  • Full responsive theme (mobile, tablet and desktop breakpoints)
  • HTML5 + CSS3
  • Built on skelJS
  • Super customizable
  • Regions
    • Header
    • Banners
    • Features
    • Content
    • Sidebar first
    • Sidebar second
    • Footer first
    • Footer second
    • Footer third
    • Footer
コンテンツの配信