Verifying - Verification is currently underway for the maintenance items.
Feb 25, 10:15 AEDT

In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Feb 24, 09:00 AEDT

Scheduled - The latest GovCMS Drupal 8 (D8) distribution update has been released on 23 February, and will be deployed to all GovCMS D8 SaaS sites on Wednesday 24 February 2021. Some sites will be updated during business hours, with the majority updating from 6pm and running through to 8am the following morning.

It addresses a recent critical security advisory issued by Drupal.org. GovCMS assessed this risk as it applied to D8 distribution. Subsequently the security risk was downgraded to moderately critical.

No outages are expected to websites during the deployment process.

What is included in the distribution update?

This release contains:
* Drupal Core update from 8.9.11 to 8.9.13
* Captcha module update from 8.x-1.0-beta1 to 8.x-1.1
* Components module update from 8.x-2.0-beta3 to 8.x2.2
* Encrypt module update from 8.x-3.0-rc2 to 8.x-3.0
* Google Authenticator Login module update from 8.x-1.0-alpha4 to 1.0-alpha6
* Inline entity form module update from 8.x-1.0-rc7 - to 8.x-1.0-rc8
* Linkit module update from 8.x-5.0-beta9 to 8.x-6.0-beta12
* Media entity file replace module update from 8.x1.0-beta2 to 8.x-1.0-beta3
* Page manager module update from 8.x-4.0-beta4 to 8.x-4.0-beta6
* Swiftmailer module update from 8.x-2.0-beta1 to 8.x-2.0
* Two factor authentication module update from 8.x-1.0-alpha4 to 8.x-1.0-alpha7
* Username Enumeration Prevention module update from 8.x-1.0-beta2 to 8.x-1.1

What other changes are being rolled out?

GovCMS Lagoon is being updated to 8.9.12, which includes:
* [Fixed]: Robots.txt correctly generates for non-prod (nginx domains)
* [Update]: Consolidate govcms lagoon images and moved to the “uselagoon” namespace
* [Fixed]: A certificate issue preventing cURL requests to domains using the new R3 Let’s Encrypt intermediary certificate

Details of the above changes can be viewed in the GovCMS Lagoon GitHub repository:
https://github.com/govCMS/lagoon/releases

What must my organisation do now?

SaaS customers need to check their site after the deployment to ensure there aren’t any issues. If you have any concerns, create a GovCMS Service Desk ticket at https://www.govcms.support.
PaaS customers should review the detailed information about this update, and apply updates as needed.

If you use the GovCMS distribution you should apply this version as soon as possible. If you manage your own distribution you should complete an assessment of these issues with the aim to apply updates as soon as possible.

For customers utilising the GovCMS distribution outside the SaaS platform, this version has been released to:
GitHub
https://github.com/govCMS/GovCMS8/releases/tag/1.14.0

Drupal.org
https://www.drupal.org/project/govcms8/releases/8.x-1.14

More information

If you have any concerns, raise a ticket at https://www.govcms.support

Identified - Some PaaS customers may see their Gitlab CI builds failing with the following error: “Couldn’t connect to Docker daemon at http://localhost:[1234] - is it running?”

The issue has been identified and is related to a recent Gitlab upgrade. PaaS customers are advised to apply the following patch to their scaffold to resolve the issue:

https://projects.govcms.gov.au/GovCMS/govcms8-scaffold-ci/-/commit/56d2e2f800bac8f94b907279377c16cf99e49cee
Jan 20, 16:22 AEDT