You are here
Changes:
- Update Drupal7 to latest upstream version - 7.78. Resolves a number of
security related issues.
- Update Drush to latest v8.x - 8.4.6.
- Include 'turnkey-composer' wrapper script - runs composer as www-data
user. Makes it easy to not run composer as root - part of #1539.
- Explicitly install composer (rather than automatically include in all LAMP
based appliances) - part of #1563.
- Note: Please refer to turnkey-core's 16.1 changelog for changes common to
all appliances. Here we only describe changes specific to this appliance.
Links
Changes:
- Update Drupal7 to latest upstream version - 7.72. Resolves a number of
security related issues.
- Update Drush to latest v8.x - 8.4.0.
- Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x
TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1).
- Update SSL/TLS cyphers to provide "Intermediate" browser/client support
(suitable for "General-purpose servers with a variety of clients,
recommended for almost all systems"). As provided by Mozilla via
https://ssl-config.mozilla.org/.
- Updated all relevant Debian packages to Buster/10 versions; including
PHP 7.3.
- Updated version of mysqltuner script - now installed as per upstream
recommendation.
- Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
Links
Changes:
- Update Drupal7 to latest upstream version - 7.67. Resolves:
- SA-CORE-2019-006 - Moderately critical security issue(s).
- SA-CORE-2019-007 - Moderately critical security issue(s).
- Enable utf8-mb DB character encoding, so the full utf8 character set is
supported.
- Include php-mbstring package for improved full utf8 support.
- Include php-uploadprogress so upload progress bar is displayed.
Links