Version 4.2 of WordPress, named “Powell” in honor of jazz pianist Bud Powell, is available for download or update in your WordPress dashboard. New features in 4.2 help you communicate and share, globally.An easier way to share content
Clip it, edit it, publish it. Get familiar with the new and improved Press This. From the Tools menu, add Press This to your browser bookmark bar or your mobile device home screen. Once installed you can share your content with lightning speed. Sharing your favorite videos, images, and content has never been this fast or this easy.Extended character support
Writing in WordPress, whatever your language, just got better. WordPress 4.2 supports a host of new characters out-of-the-box, including native Chinese, Japanese, and Korean characters, musical and mathematical symbols, and hieroglyphs.
Don’t use any of those characters? You can still have fun — emoji are now available in WordPress! Get creative and decorate your content with
Jahia is aiming at launching a community project at the Apache Foundation, whose mission it is to provide software for the public good. One of the Apache Foundation many strengths in this respect is to provide a license that is both business-friendly and open to any development community. Thus this project would allow all software vendors, brands, organizations and communities to use an open, agreed upon and community-enriched engine to collect and share user context data.
The Netwrix 2015 State of IT Changes Survey of more than 700 IT professionals across 40 industries found that 70% of companies forget about documenting changes, up from 57% last year. Most surprisingly, the number of large enterprises that make undocumented changes has increased by 20% to 66%.
Undocumented changes pose a threat to business continuity and the integrity of sensitive data. The survey shows that 67% of companies suffer from service downtime due to unauthorized or incorrect changes to system configurations and the worst offenders are large enterprises in 73% of cases.
Whether I’m speaking with marketers, technologists, product management or sales, one topic is constantly top of mind: the importance of understanding and communicating content ROI. And, equally importantly: responding to content ROI quickly, and efficiently.
WordPress 4.1.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Cedric Van Bockhaven and fixed by Gary Pendergast, Mike Adams, and Andrew Nacin of the WordPress security team.
We also fixed three other security issues:
- In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded. Discovered by Michael Kapfer and Sebastian Kraemer of HSASec.
- In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack. Discovered by Jakub Zoczek.
- Some plugins were vulnerable to an SQL injection vulnerability. Discovered by Ben Bidner of the WordPress security team.
Download WordPress 4.1.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.1.2.
Thanks to everyone who contributed to 4.1.2: Allan Collins, Alex Concha, Andrew Nacin, Andrew Ozz, Ben Bidner, Boone Gorges, Dion Hulse, Dominik Schilling, Drew Jaynes, Gary Pendergast, Helen Hou-Sandí, John Blackburn and Mike Adams.
A number of plugins also released security fixes yesterday. Keep everything updated to stay secure. If you’re a plugin author, please read this post to confirm that your plugin is not affected by the same issue. Thank you to all of the plugin authors who worked closely with our security team to ensure a coordinated response.
The Joomla! Production Leadership Team (PLT) is pleased to announce the addition of a new member. We welcome Tessa Mero to the team. Tessa will be managing speaking opportunities for the PLT and developer community. She will be sharing information, writing technical tutorials, blogs, and reaching out to the greater php developer community. In addition, Tessa will help manage and organize code sprints.
The PLT is responsible for leading and coordinating the development of the Joomla CMS and the Joomla Framework. This includes releasing new versions, fixing bugs, adding new features, translating and creating documentation.The addition of Tessa brings the total of current PLT members to ten:
- Chris Davenport
- Javier Gomez
- Thomas Hunziker
- Tessa Mero
- Tom Hutchison
- George Wilson
- Roland Dalmulder
- Jessica Dunbar
- Viktor Vogel
- Robert Deutz
Growing up her entire life in Seattle, Tessa received her web application degree and certification and was hired late 2011 at a Ski and Snowboard company creating their manufacturing websites. After being hired, she discovered Joomla! after taking a training course with OSTraining and then attending her first Joomla! Day NYC in October 2011. Since then, she's been very passionate for the Joomla! community and has devoted her spare time with contributing to the Joomla! Project.
She started with helping test patches in the Joomla! Bug Squad and moved to being an assistant manager of the JED (Joomla! Extensions Directory) team, in charge of hiring and training new team members. She recently served a term as a Board of Director for Open Source Matters, Inc,
She is the organizer of the Seattle Joomla! User Group and hoping to share her love and inspiration for Joomla! around her area.
Aside from being a web developer, teaching web development classes at a college, and being an open source contributor, she also does fun things like plays the Clarinet, hangs out at Chuck-E-Cheese's with her 2 kids (a lot), Snowboards, and has love for the outdoors.The future
The Production Leadership Team plans the addition of more members during 2015. If you would like to nominate a member from the Joomla community for serving the PLT there is a permanent nomination form available. You are invited to congratulate the new members at the following forum topic: http://forum.joomla.org/viewtopic.php?f=704&t=883175
Competition in the retail world is as cutthroat as ever. With so many retailers out there, the race is on to reach as many customers as possible with the best offers possible. Businesses that go into this race expecting to use traditional methods, however, will quickly find themselves falling behind the rest of the pack. We live in a much different world now where customers are more knowledgeable and empowered than ever before. Thanks to the internet, consumers can find out all they want to know about specific products before ever deciding to purchase them. This has forced retailers to raise their game when it comes to wooing current and prospective customers. It’s not enough anymore to simply offer a better product at a lower price. Today’s retail world requires businesses to offer a more complete and satisfying customer experience. To achieve this, many retailers are working hard to create what’s known as the 360-degree shopping experience.
On April 15th, a change to a Drupal.org website permission inadvertently allowed a small segment of users to view a report listing the email addresses of recently logged in users. No passwords were involved. The problem was mitigated within 13 hours of being introduced and within 3 hours of being reported. The problem was completely resolved within 24 hours of introduction. The number of affected email addresses is relatively small – fewer than 500. Those users are being contacted directly if their email was affected. Users with maintainer access or the community role and above were not affected by this incident.
The users with permission to see this report were limited to community members that have shown frequent contribution to Drupal.org. The possible exposure time was also limited to between April 15, 2015 20:53 UTC to April 16, 2015 9:00 UTC. There were approximately 44 IP addresses that accessed the information during that time. These users are mostly administrators of Drupal.org and the community members who first reported the incident.
Even though the exposure of email addresses was limited as described above, we recommend all users to be cautious of any email that asks you for personal information.
We want to thank the community members who moved quickly to alert the Drupal Security and Drupal.org infrastructure teams about the problem.Front page news: Drupal NewsDrupal version: Drupal 7.x
When you look at the greatest technological advances of the past several decades, it's clear that software has taken the lead. While hardware continues to improve, get smaller and do more with less, it's software that has enabled feature-rich operating systems that can exist on an interface barely larger than your hand. Hardware has maintained a more or less consistent form. It's no wonder then that many corporations are still painfully in the dark ages when it comes to the increase in the BYOD ecosystem. As the new Apple Watch and other smart watches begin to hit the scene, it's going to become increasingly difficult for network engineers to keep company networks secure. Even The Federal Trade Commission has warned about the threats posed by these small, connected devices stating that the data they collect should be limited for security reasons.
When new hardware does come onto the scene, it's widely talked about and speculated upon. Google Glass has failed to catch on so far, but the Apple Watch is likely to spur growth in the smartwatch industry and encourage other manufacturers to create their own versions. Google's Android Wear selection has already entered the market with good success. However, the Apple Watch is likely to be the most popular new piece of hardware introduced in 2015. A boon for Apple, and a virtual nightmare for IT administrators.
In times of war, you may be asked what you can do for your country. In modern times, your country may be asking you to do your part by updating your WordPress plugins.
The United States' Federal Bureau of Investigation (FBI), through the Internet Crime Complaint Center (IC3), issued a public service announcement last week recommending website administrators to update their Wordpress sites. More specifically, the bureau wants you to update your third-party WordPress plugins.
The first initiative on the Drupal.org 2015 roadmap is ‘Better account creation and login’. One of the listed goals for that initiative is “Build a user engagement path which will guide users from fresh empty accounts to active contributors, identifying and preventing spammers from moving further.” This is something Drupal Association team has been focusing on in the last few weeks.
The first change we rolled out a few days ago was a ‘new’ indicator on comments from users whose Drupal.org accounts are fewer than 90 days old. The indicator is displayed on their profile page as well. We hope this will help make conversations in the issue queues and forum comments more welcoming, as people will be able to easily see that someone is new, and probably doesn’t know yet a lot about the way community works.
Today we are taking another step towards making Drupal.org more welcoming environment for new users. But first, a bit of background.New users and spam
It is not a surprise for anyone that a big number of user accounts registering on the site are spam accounts. To fight that and prevent spam content from appearing on Drupal.org, we have a number of different tools in place. Of course, we don’t want these tools to affect all active, honest users of the site, and make their daily experience more difficult. To separate users we are sure about from those we aren’t sure about yet, we have a special ‘confirmed’ user role.
All new users start without such a role. Their content submissions are checked by Honeypot and Mollom, their profiles are not visible to anonymous visitors of the site, and the types of content they may create are limited. Once a user receives a ‘confirmed’ role, his or her submissions will not be checked by spam fighting tools anymore; their profile page will be visible to everyone, and they will be able to create more different types of content on the site.
This system works pretty well, and our main goal is to ensure that valid new users get the ‘confirmed’ role as quickly as possible, to improve their experience and enable them to fully participate on the site.
The best way to identify someone as not a spammer is have another human look at the content they post and confirm they are not spammers. Previously, we had a very limited number of people who could do that-- about 50. Because of that, it usually took quite some time for new user to get the role. This was especially noticeable during sprints.
Today we’d like to open a process of granting a ‘confirmed’ role to the thousands of active users on the site.‘Community’ user role
Today, we are introducing a new ‘Community’ role on the site. It will be granted automatically to users who have been around for some time and reached a certain level of participation on Drupal.org. Users who have this role will be able to ‘confirm’ new users on the site. They will see a small button on comments and user profile of any user who has not yet been confirmed. If you are one of the users with ‘Community’ role, look out for this new Confirm button, and when you see one next to a user - take another look at what the person posted. If their content looks valid, just click ‘confirm’. By doing so, you will empower new users to fully participate on Drupal.org and improve their daily experience on the site.
With expect to have at least 10,000 active users with the ‘Community’ role. With so many people to grant the ‘confirmed’ role, new users should be confirmed faster than ever before.
If you aren’t sure if you have the ‘community’ role or not, don’t worry. We will send an email notification to every user whose account receives the new role. The email will have all the information about the role and how to use it.
Thanks for helping us make Drupal.org a better place!
The release candidate for WordPress 4.2 is now available.
We’ve made more than 140 changes since releasing Beta 4 a week and a half ago. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.2 on Wednesday, April 22, but we need your help to get there.
If you haven’t tested 4.2 yet, now is the time! (Please though, not on your live site unless you’re adventurous.)
Developers, please test your plugins and themes against WordPress 4.2 and update your plugin’s Tested up to version in the readme to 4.2 before next week. If you find compatibility problems, we never want to break things, so please be sure to post to the support forums so we can figure those out before the final release.
Achievement unlocked: RC
Release here we come
The Marketing Working Group (MWG) is pleased to announce the addition of a new team member. We welcome Mike Veeckmans on board the Marketing team!
Mike Veeckmans will collaborate with the other members of the Marketing Working Group in the role of communications manager, taking care of the successful planning, initiation and execution of some projects. Mike has proved his management skills in many occasions, like Grace Hopper and the launch of Joomla! 3.4 campaign. We felt he was the perfect piece to match our team.
The primary focus of the Marketing Working Group (MWG) is to raise awareness of the Joomla Content Management System (CMS) and Framework within the international Joomla community, as well as the general open source community.
Bedrock Data Will Sync and Automatically Update Data From Services Like HubSpot, Marketo, Mailchimp, Cvent, Salesforce, SugarCRM and More
Boston-based Bedrock Data™ today announced the launch of its data integration platform for businesses, along with $3.11 million in Series A funding led by .406 Ventures. This announcement marks the official launch of the company after over a year of development, testing and customer on-boarding.
One of the Drupal Association's primary missions is to grow the adoption of Drupal. We are about to launch a new program on April 15th called Try Drupal. The program will make it easy and fast for evaluators to try Drupal and have a simple, great experience while on Drupal.org.
We’ve created Try Drupal with our Premium Hosting Supporters to make it easier for CMS evaluators and Drupal.org newcomers to test and work with a Drupal demo site. The Program will showcase a selection of Hosting Companies where a new user can quickly (in less than 20 minutes) sign up and have a Drupal demo site up and running for them to use for free.
This is part of the Drupal Association’s initiative to develop a new revenue stream through advertising programs on Drupal.org. This revenue will help fund various site initiatives by the Association to improve Drupal.org performance, and make it easier to use and more secure. After interviewing many members of the community, we determined that new advertising products should be useful to Drupal.org visitors, support our mission to grow the adoption of Drupal, and should not interfere with visitors contributing to the project.
To ensure a positive Drupal experience, partners need to adhere to the following guidelines:
- Users are directed to a self-serve sign up platform
- Users can create a free account for the demo site that accommodates a trial installation of Drupal 7 or 8
- Users can create a website in 20 minutes or less
- The demo site should be available to the user for a minimum of one day upon sign up
- The partner cannot include a paywall or require a credit card upon sign up
The Try Drupal program will be featured on the homepage of Drupal.org. It will launch with a larger iterative change to the homepage, with an emphasis on helping users move from newcomer, to learner, to skilled Drupal community members.
It’s important that we fund Drupal.org improvements, and that we do so in a responsible way that respects the community. We anticipate rolling out more key advertising programs throughout 2015, stay tuned for more updates. Thanks for taking the time to read about our initiatives, and please tell us your thoughts!
Many social media sites are trying to push back against the juggernaut known as Google and its mammoth advertising operation. Perhaps it’s no secret how important advertising revenue is to most social media platforms. After all, free services have to find money to operate from somewhere. Fully taking advantage of advertising, however, has been tricky thanks to Google AdWords and its powerful influence across the web. AdWords’ reach is impressive and plays a crucial role in Google’s growth. In fact, AdWords is the mega-corporation’s primary source of revenue. Needless to say, many social media platforms see this and want to expand their own advertising efforts in a push to compete with Google every step of the way. Facebook, Twitter, and LinkedIn know the value of a more expansive advertising scope, and though each is working independently of the other, it’s fascinating to see that they’ve come up with similar strategies to achieve their goals.
Expanded Perforce Consulting Services Help Customers Boost Security, Raise Development Efficiency and Adopt DevOps
Perforce Software today announced it is expanding its consulting offerings with new tools and services designed to help customers build complex products better and faster. These new offerings build upon a rich set of training, consulting and support options from Perforce.
How are CMS vendors responding to the contemporary needs of the market to create a content-centric and context-relevant experience for their users?