This release will address all current security advisories, add the TFA module, and apply several other module updates.
The GovCMS team has completed testing on this release and will be deploying GovCMS 3.7 to all GovCMS D7 SaaS sites on Wednesday 5 June starting at 1800 AEDT and running through to 0800 the following day.
This release has resolved all outstanding Security Vulnerabilities for GovCMS:
* [SA-CONTRIB-2019-052] Update Universally Unique IDentifier module to 7.x-1.3 (from 7.x-1.1)
In addition, the following modules have been updated:
* clamav, crumbs, event_log, file_entity, minisite, quicktabs, redirect, seckit, video_filter and webform
This release includes the necessary modules for two-factor authentication (2FA) - Note that this has not been activated on any GovCMS sites yet, and more information will be provided by GovCMS in the near future on how to configure 2FA for your authenticated users.
No outages are expected to sites during this process.
The full list of changes in this release is available at https://www.drupal.org/project/govcms/releases/7.x-3.7
All SaaS customers should check their sites, and raise any tickets for any concerns at: https://www.govcms.support
For customers utilising the GovCMS distribution outside the SaaS platform, this version has been released to GitHub at: https://github.com/govCMS/govCMS/releases/tag/7.x-3.7
and Drupal.org at https://www.drupal.org/project/govcms/releases/7.x-3.7