Hacker News new | ask | show | jobs
by andyhnj 4244 days ago
We did a lot of Drupal work at my last job, and I sent my ex-boss a friendly warning about this when it was first announced, but I don't think he patched all of their Drupal sites. I could be wrong, but I just checked the CHANGELOG.txt on a couple of them, and they're still on 7.27.
2 comments
JohnTHaller 4244 days ago
Why on earth is CHANGELOG.txt included on a production server and publicly accessible?
link
Fannon 4243 days ago
I had to try to believe it.
link
dageshi 4244 days ago
Probably did the one line patch?

There was a one line patch that fixed this particular bug. Probably a lot easier to apply that than to do a full core update to a bunch of sites.

link