February 3rd, 2012· Fixes SA-CORE-2012-001 - Drupal core multiple vulnerabilities - http://drupal.org/node/1425084
January 12th, 2012· Fixes SA-CONTRIB-2012-004 - Date - SQL injection - http://drupal.org/node/1401434
November 3rd, 2011· This is a security release of ProsePoint, addressing a security vulnerability. It is recommended that all users upgrade to this version of ProsePoint.
July 21st, 2011· The Visual editor has been upgraded to tinymce 3.4.3.2 which works with Internet Explorer 9. Previous versions of ProsePoint may have issues with Internet Explorer 9. It is recommended that users upgrade to this version of ProsePoint.
May 26th, 2011· SA-CORE-2011-001 - Drupal core - Multiple vulnerabilities - http://drupal.org/node/1168756
May 6th, 2011· This is a maintenance release of ProsePoint in order to keep up to date with upstream components.
December 16th, 2010· This is a security release of ProsePoint, addressing a security vulnerability. It is recommended that all users upgrade to this version of ProsePoint.
November 12th, 2010· Service Links Drupal module updated to 6.x-2.0.
· jQuery UI Drupal module added.
· Date Drupal module updated to 6.x-2.6.
August 12th, 2010ProsePoint 0.35 addresses the following security vulnerabilities:
· SA-CORE-2010-002 - Drupal core - Multiple vulnerabilities - http://drupal.org/node/880476
· SA-CONTRIB-2010-088 - Content Construction Kit (CCK) - Access Bypass - http://drupal.org/node/880736
· SA-CONTRIB-2010-085 - Pathauto - Cross Site Scripting - http://drupal.org/node/880522
June 17th, 2010· This is a security and maintenance release of ProsePoint, addressing a few security vulnerabilities and a few bugfixes. It is recommended that all users upgrade to this version of ProsePoint.
Security Vulnerabilities:
ProsePoint 0.34 addresses the following security vulnerabilities:
· SA-CONTRIB-2010-065 - Content Construction Kit (CCK) - Access Bypass - http://drupal.org/node/829566
· SA-CONTRIB-2010-066 - FileField - Cross Site Scripting - http://drupal.org/node/829808
· SA-CONTRIB-2010-067 - Views - Multiple vulnerabilities - http://drupal.org/node/829840
May 6th, 2010· This is a security and maintenance release of ProsePoint, addressing two security vulnerabilities and a few bugfixes. It is recommended that all users upgrade to this version of ProsePoint.
April 8th, 2010· SA-CONTRIB-2010-036 - Views - multiple vulnerabilities - http://drupal.org/node/765022
March 4th, 2010· Add german translation for Composite Layout
· Upgrade modules: workflow 6.x-1.4. Fixes SA-CONTRIB-2010-023 - Workflow - Cross Site Scripting.
· Upgrade Drupal core: Drupal 6.16-pp1. Fixes SA-CORE-2010-001 - Drupal core - Multiple vulnerabilities.
February 4th, 2010· This is a minor security and maintenance release of ProsePoint, addressing one security vulnerability and a few bugfixes. It is suggested that all users upgrade to this version of ProsePoint.
Security Vulnerabilities:
ProsePoint 0.30 addresses the following security vulnerabilities:
· SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting - http://drupal.org/node/703652
Other Changes:
· There are also a few bugfixes and upgrades to constituent modules. For the full list of changes, please see the changelog.
December 17th, 2009· This is a minor security and maintenance release of ProsePoint, addressing one security vulnerability and a few bugfixes. It is suggested that all users upgrade to this version of ProsePoint.
Security Vulnerabilities:
ProsePoint 0.29 addresses the following security vulnerabilities:
· SA-CORE-2009-009 - Drupal Core - Cross site scripting - http://drupal.org/node/661586
· Interestingly, the upstream advisory rates this as not critical.
October 30th, 2009· This is a minor security and maintenance release of ProsePoint, addressing one security vulnerability. All users are advised to upgrade to this version of ProsePoint.
October 22nd, 2009· This is a security and maintenance release of ProsePoint, addressing one security vulnerability and a few other minor changes. All users are strongly advised to upgrade to this version of ProsePoint.
August 20th, 2009· This is a security and maintenance release of ProsePoint, addressing one security vulnerability and a few other bugfixes. There are no new features in this release. All users are advised to upgrade to this version of ProsePoint.
Security Vulnerability:
· ProsePoint 0.25 addresses the security vulnerability SA-CONTRIB-2009-051 - ImageCache - Multiple vulnerabilities (http://drupal.org/node/554084).
Other Changes:
· There are also a few bugfixes.
July 31st, 2009· This is a security and maintenance release of ProsePoint, addressing one security vulnerability and a few other bugfixes. There are no new features in this release. All users are advised to upgrade to this version of ProsePoint.
July 2nd, 2009· This is a security and maintenance release of ProsePoint, addressing one security vulnerability and associated bugfix. There are no new features in this release.
June 11th, 2009· This is a security and maintenance release of ProsePoint, addressing one security vulnerability and a few bugfixes. There are no new features in this release.
May 19th, 2009New Features:
· Reimplementation of workflow
· The workflow capability of ProsePoint has been reimplemented. It now uses Drupal's Workflow module and is much more flexible and configurable. You can now add your own workflow states, and also adjust workflow permissions to a more finer degree.
· Field_extended_status has been removed. The upgrade should take care of migrating the old status values to the new Workflow format (but see the upgrade notes below).
· The previous status value Published has been converted to the workflow state Public, and a new workflow state Private has been added.
Stories in the Private workflow state are restricted as follows:
· The page displaying the full story (ie. .../node/xxx or .../story/) is only accessible to logged in visitors. However, if a Private story is listed in an edition or in a block, it is still accessible to all website visitors.
· This is the default behaviour as configured by ProsePoint, but can be changed by the website administrator.
· Configurable teaser image sizes
· The size of extracted teaser images is now configurable by content type and by node. When editing page or story nodes, there is now a new dropdown select to choose the teaser image size. If the default is unchanged, the teaser image will be set to the size configured for that content type.
· Editions can override teaser image size
· Editions can override the teaser image size of story nodes which are displayed in its Headlines. There is a new Format dropdown select to specify this. For example, you can now specify that the first story of an edition is to be displayed with a larger teaser image (or no teaser image at all). The Headlines Format settings of an edition overrides the teaser image size setting of the story.
Other Changes:
· There are a number of upgrades to some upstream modules, and one bugfix.
May 14th, 2009· This is a security release of ProsePoint addressing an upstream vulnerability. There are also a couple of very minor fixes and one very minor enhancement. All users are advised to upgrade to this version.
Security Update:
· This release of ProsePoint fixes the upstream vulnerability SA-CORE-2009-006 - Drupal core - Cross site scripting (http://drupal.org/node/461886).
Other Changes:
· The ProsePoint editor remembers your selection of Visual or HTML mode. When you next use the editor, it will automatically switch to the most recently used mode.
April 4th, 2009· This is a security release of ProsePoint addressing an upstream security vulnerability. All users are advised to upgrade to this version.
Security Update:
· This release of ProsePoint fixes an upstream vulnerability. Unfortunately, this vulnerability has not yet been given an indentifier (as of writing), but it is mentioned at http://drupal.org/node/420990.
Other Changes:
· There are some other minor bugfixes and improvements. For the full list of changes, please see the changelog.
· There are newer versions of some upstream modules available, but these were not upgraded in this release of ProsePoint because they have not been tested fully. In particular, the latest Date module may require some additional integration.
March 19th, 2009· This is a security release of ProsePoint addressing an upstream vulnerability SA-CONTRIB-2009-013 (http://drupal.org/node/406520) and also includes a number of other minor bugfixes and improvements. All users are advised to upgrade to this version.
Security Update:
· This release of ProsePoint fixes an upstream vulnerability SA-CONTRIB-2009-013 CCK - Cross site scripting (http://drupal.org/node/406520).
Other Changes:
· There are some other minor bugfixes and improvements. For the full list of changes, please see the changelog.
· There are newer versions of some upstream modules available, but these were not upgraded in this release of ProsePoint because they have not been tested fully. In particular, the latest Date module may require some additional integration.
February 26th, 2009· This security release of ProsePoint fixes an upstream vulnerability SA-CORE-2009-003 - Local file inclusion on Windows (http://drupal.org/node/383724) which affects ProsePoint if installed on Windows servers.
February 23rd, 2009· Minor fix: (Composite Layout) Add field values for easier navigation, comment 8 - http://drupal.org/node/350249#comment-1202171.
· Minor fix: Missing t() in pp_ch.pages.inc and pp_ig.pages.inc.
· Feature: Visual editor can be used for comments (defaults to disabled).
· Feature & Fix: Custom taxonomy term listing for stories. - Also fixes Bug: Stories not appearing in reverse chronological order - https://answers.launchpad.net/prosepoint/+question/60689
· Bug: I.E. 7 Issues - https://answers.launchpad.net/prosepoint/+question/61485
· Feature: Add channel block for story listing channels.
· Upgrade to modules: filefield 6.x-3.0-alpha7, imageapi 6.x-1.3, imagecache 6.x-2.0-beta8, imagefield 6.x-3.0-alpha4.
· Upgrade to modules: content_taxonomy 6.x-1.0beta6, date 6.x-2.0rc6, views 6.x-2.3, admin_menu 6.x-1.3.
January 15th, 2009· This release of ProsePoint contains an update of an upstream component addressing the security vulnerability - SA-CORE-2009-001 Drupal core - Multiple vulnerabilities (http://drupal.org/node/358957).
December 19th, 2008· This is a security related update of ProsePoint, which also fixes a few minor bugs. Upgrading to this version of ProsePoint is recommended.
Security Update:
· This release of ProsePoint contains an update of an upstream component addressing the security vulnerability SA-2008-075 - Views - SQL Injection (http://drupal.org/node/348321).
December 12th, 2008· This is a minor bugfix release of ProsePoint, correcting one bug introduced in ProsePoint 0.11 that may affect users with PHP 5.0.x and 5.1.x. If you are using PHP 5.2.x or are not affected by this bug, you do not need to upgrade to this release.
December 11th, 2008· This is a security and feature release of ProsePoint, incorporating fixes for a couple of vulnerabilities, some new features, and a few bugfixes. It is recommended that all users upgrade to this version of ProsePoint.
Security Update:
· This release of ProsePoint contains an update of the upstream CMS component addressing the security vulnerability SA-2008-073: Drupal core - Multiple vulnerabilities (http://drupal.org/node/345441).
New Features:
· An image gallery and a couple of listing pages that assist in locating content have been added.
Other changes:
· There are other minor additions and bugfixes. For more information, please see the full changelog.
Upgrading:
· For the purposes of upgrading, ProsePoint versions 0.07-0.11 are all similar to each other. You can use the upgrade directions for 0.07.
· Upgrading to ProsePoint 0.11 requires a full source code upgrade. The entire source code tree needs to be replaced.
· You must run update.php immediately after the source code has been replaced, as some files have been moved.
· You no longer need to re-enable themes after the upgrade process.
November 27th, 2008Visual Editor:
· There are a few bugfixes for the editor...
· Editing in html mode now saves your changes when you click Save. Previously, you needed to switch back to Visual mode before clicking Save.
· The editor no longer automatically inserts until the user presses Enter (in visual mode). The previous behaviour could sometimes corrupt textual content which contain things like javascript.
· There is now a user setting under My account to configure whether the editor starts up in visual or html mode.
· The visual editor now works if the javascript aggregator is enabled.
Other changes:
· There is a fix for an unfortunate bug introduced in ProsePoint 0.09 related to teasers and themeing. If some of your teasers are not showing, this is probably it.
· Composite Layout now supports the concept of layout sets. You can save a particular layout for reuse in other editions.
· A few upstream modules were upgraded with fixes for a number of minor (possibly unrelated to ProsePoint) bugs.
November 12th, 2008· This is a minor release of ProsePoint with a couple of new features. If you do not require these features, there is no need to upgrade.
· Themeing changes
· As a push to make it easier for ProsePoint to operate with generic Drupal themes, one or two small themeing related changes were made (mostly relating to floating or non-floating of teaser images). Theme developers are advised to use ProsePoint 0.09 for developing or customising themes.
· Feedburner support
· ProsePoint now includes the Drupal Feedburner module. This provides an automatic option for integrating your site feeds with Feedburner. However, use of this module with ProsePoint is still experimental so it is not enabled by default. Site administrators will have to enable the module themselves.
· Other changes
November 6th, 2008· This is a bugfix release with a couple of minor fixes and one security update. There are no new features.
· This release fixes the upstream vulnerability SA-2008-069: CCK for 5.x and 6.x - XSS vulnerabilities (http://drupal.org/node/330546).
· In practice, this is a minor vulnerability, and doesn't really affect ProsePoint unless you've added your own user roles. The only users who can exploit this are editors and administrators, but they are privileged users anyway.
· Still, this release was made so users wouldn't get spooked.
· There are a couple of other minor fixes.
November 3rd, 2008· ProsePoint version 0.07 has been released with one major new feature set.
Channels functionality has been totally rewritten. A channel now has two modes of operation:
· 1. Story list - A time-based listing of stories with the most recent stories appearing first, or
· 2. Scheduled editions - A set of editions with scheduling in the same way as previous versions of ProsePoint.
· The first mode is essentially a blog format, while the second mode allows for greater control of content and layout (but obviously involves more editing work). You can change the channel mode at any time.
October 27th, 2008· ProsePoint 0.06 is a bugfix release over 0.05 to address two installation related issues. There are no new features. If you have successfully installed ProsePoint and have not experienced these two bugs, there is no need to upgrade.
The two fixed bugs are:
· https://bugs.launchpad.net/prosepoint/+bug/288919 - ProsePoint does not support table prefixes
· https://bugs.launchpad.net/prosepoint/+bug/288698 - Blank screen after variant selection
October 23rd, 2008· It is a bugfix release over 0.04. There is one security fix, a couple of upgrades and one bugfix. There are no new features.
October 22nd, 2008New Features:
· Added new content managers (Story Manager, Edition Manager, and Channel Manager) and a (preliminary) dashboard to help you track your content.
· Added an extended publishing state to stories. Stories can now be Drafts, Ready for Reviews, Published, Archived etc.
· Enabled revision control by default for pages and stories. Now you can easily track changes to your content.
· Added RSS to channels and editions.
· Increased the granularity of scheduling: Editions are now scheduleable hourly instead of daily.
· Complex layouts: Editions can now display stories (and other content) in a 2 or 3 column format. Expanded the source/writer content type to also list stories by source/writer.
Security Fixes:
ProsePoint 0.04 also fixes a couple of upstream security vulnerabilities:
· DRUPAL-SA-2008-060
· DRUPAL-SA-2008-065
· DRUPAL-SA-2008-060 doesn't affect ProsePoint unless a site uses 'access rules' functionality to restrict users from logging in.
· DRUPAL-SA-2008-065 doesn't affect ProsePoint unless a site uses nonstandard permissions settings.
· These are low risk vulnerabilities to ProsePoint. However, they have been fixed anyway.
Other Changes:
· Upgraded many upstream components: Drupal core, Drupal modules and tinymce.
· The content type 'Writer' has been renamed to 'Source'
· Page caching has been turned off by default since it clashes with scheduling. Page caching is compatible with scheduling if cron is enabled.
Find us on Google+
