Drupal 6 security updates for Flag!

rfp-robotRFP ROBOT: Website Request for Proposal Generator

The time has come for a new website (or website redesign), which means you need to write a website request for proposal or web RFP. A Google search produces a few examples, but they vary wildly and don’t seem to speak really to your goals for developing or redesigning a new website. You need to write a website RFP that will clearly articulate your needs and generate responses from the best website designers and developers out there. But how?

Have no fear, RFP Robot is here. He will walk you through a step-by-step process to help you work through the details of your project and create a PDF formatted website design RFP that will provide the information vendors need to write an accurate bid. RFP Robot will tell you what info you should include, point out pitfalls, and give examples.

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules – but the Drupal 6 LTS vendors are and we’re one of them!Today, there is a Moderately Critical security releases for the Flag module for multiple Access Bypass vulnerabilities.The module includes a view that lists each user’s bookmarked content as a tab on their user profile. The permissions on this view are setup incorrectly, allowing any user who has permission to use the ‘bookmarks’ flag to see the list of content that any user has bookmarked.See the security advisory for Drupal 7 for more information.Here you can download the patch for 6.x-1.x or 6.x-2.x!If you have a Drupal 6 site using the Flag module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)If you’d like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they’re released, please check out our D6LTS plans.Note: if you use the myDropWizard module (totally free!), you’ll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won’t necessarily have a release on

Posted on August 31, 2016 in Austin Drupal Development, drupal agencies, drupal agency dallas, drupal agency dfw, drupal agency houston, drupal agency san antonio, Drupal Best Practices, Drupal Blocks, Drupal COPE, drupal crisis, Drupal design college station, drupal design San Antonio, drupal design,, drupal Designer, Drupal Designer Chicago, drupal developer,, drupal developers,, Drupal Development, Drupal Development Chicago IL, Drupal Development Chicago Illinois, drupal development company,, drupal ecommerce,, Drupal Educational, drupal emergency, Drupal Entities, Drupal Experts Chicago, drupal help, Drupal in Austin, Drupal Jobs, Drupal Maintenance Austin, Drupal Maintenance Chicago, Drupal Maintenance Chicago IL

Share the Story

Back to Top