Upgrade GovCMS D8 SaaS to version 8.x-1.14.0
Scheduled Maintenance Report for GovCMS
Completed
The scheduled maintenance has been completed.
Posted Mar 09, 2021 - 10:04 AEDT
Verifying
Verification is currently underway for the maintenance items.
Posted Feb 25, 2021 - 10:15 AEDT
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Feb 24, 2021 - 09:00 AEDT
Scheduled
The latest GovCMS Drupal 8 (D8) distribution update has been released on 23 February, and will be deployed to all GovCMS D8 SaaS sites on Wednesday 24 February 2021. Some sites will be updated during business hours, with the majority updating from 6pm and running through to 8am the following morning.

It addresses a recent critical security advisory issued by Drupal.org. GovCMS assessed this risk as it applied to D8 distribution. Subsequently the security risk was downgraded to moderately critical.

No outages are expected to websites during the deployment process.

What is included in the distribution update?

This release contains:
* Drupal Core update from 8.9.11 to 8.9.13
* Captcha module update from 8.x-1.0-beta1 to 8.x-1.1
* Components module update from 8.x-2.0-beta3 to 8.x2.2
* Encrypt module update from 8.x-3.0-rc2 to 8.x-3.0
* Google Authenticator Login module update from 8.x-1.0-alpha4 to 1.0-alpha6
* Inline entity form module update from 8.x-1.0-rc7 - to 8.x-1.0-rc8
* Linkit module update from 8.x-5.0-beta9 to 8.x-6.0-beta12
* Media entity file replace module update from 8.x1.0-beta2 to 8.x-1.0-beta3
* Page manager module update from 8.x-4.0-beta4 to 8.x-4.0-beta6
* Swiftmailer module update from 8.x-2.0-beta1 to 8.x-2.0
* Two factor authentication module update from 8.x-1.0-alpha4 to 8.x-1.0-alpha7
* Username Enumeration Prevention module update from 8.x-1.0-beta2 to 8.x-1.1

What other changes are being rolled out?

GovCMS Lagoon is being updated to 8.9.12, which includes:
* [Fixed]: Robots.txt correctly generates for non-prod (nginx domains)
* [Update]: Consolidate govcms lagoon images and moved to the “uselagoon” namespace
* [Fixed]: A certificate issue preventing cURL requests to domains using the new R3 Let’s Encrypt intermediary certificate

Details of the above changes can be viewed in the GovCMS Lagoon GitHub repository:
https://github.com/govCMS/lagoon/releases

What must my organisation do now?

SaaS customers need to check their site after the deployment to ensure there aren’t any issues. If you have any concerns, create a GovCMS Service Desk ticket at https://www.govcms.support.
PaaS customers should review the detailed information about this update, and apply updates as needed.

If you use the GovCMS distribution you should apply this version as soon as possible. If you manage your own distribution you should complete an assessment of these issues with the aim to apply updates as soon as possible.

For customers utilising the GovCMS distribution outside the SaaS platform, this version has been released to:
GitHub
https://github.com/govCMS/GovCMS8/releases/tag/1.14.0

Drupal.org
https://www.drupal.org/project/govcms8/releases/8.x-1.14

More information

If you have any concerns, raise a ticket at https://www.govcms.support
Posted Feb 23, 2021 - 16:51 AEDT
This scheduled maintenance affected: GovCMS Projects (Individual websites).
Current Status Powered by Atlassian Statuspage