---
- branch: MAIN
  date: Thu Jun 18 11:44:04 UTC 2015
  files:
  - new: '1.32'
    old: '1.31'
    path: pkgsrc/www/drupal7/Makefile
    pathrev: pkgsrc/www/drupal7/Makefile@1.32
    type: modified
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/www/drupal7/PLIST
    pathrev: pkgsrc/www/drupal7/PLIST@1.12
    type: modified
  - new: '1.25'
    old: '1.24'
    path: pkgsrc/www/drupal7/distinfo
    pathrev: pkgsrc/www/drupal7/distinfo@1.25
    type: modified
  id: 20150618T114404Z.404b49433326139ded50e30eea7209134efcabe7
  log: |
    Update drupal7 to 7.38 (Drupal 7.38)..

    Drupal 7.38, 2015-06-17
    -----------------------
    - Fixed security issues (multiple vulnerabilities). See SA-CORE-2015-002.

    Drupal 7.37, 2015-05-07
    -----------------------
    - Fixed a regression in Drupal 7.36 which caused certain kinds of content types
      to become disabled if they were defined by a no-longer-enabled module.
    - Removed a confusing description regarding automatic time zone detection from
      the user account form (minor UI and data structure change).
    - Allowed custom HTML tags with a dash in the name to pass through filter_xss()
      when specified in the list of allowed tags.
    - Allowed hook_field_schema() implementations to specify indexes for fields
      based on a fixed-length column prefix (rather than the entire column), as was
      already allowed in hook_schema() implementations.
    - Fixed PDO exceptions on PostgreSQL when accessing invalid entity URLs.
    - Added a sites/all/libraries folder to the codebase, with instructions for
      using it.
    - Added a description to the "Administer text formats and filters" permission
      on the Permissions page (string change).
    - Numerous small bug fixes.
    - Numerous API documentation improvements.
    - Additional automated test coverage.

    Drupal 7.36, 2015-04-01
    -----------------------
    - Added a 'file_public_schema' variable which allows modules that define
      publicly-accessible streams in hook_stream_wrappers() to bypass file download
      access checks when processing managed file upload fields.
    - Fixed a bug that caused database query tags not to be added to search-related
      database queries under many circumstances, and which prevented the
      corresponding hook_query_TAG_alter() implementations from being called.
    - Fixed the "for" attribute on managed file upload field labels to improve
      accessibility (minor markup change).
    - Added a 'javascript_always_use_jquery' variable which can be set to FALSE by
      sites that may not need jQuery loaded on all pages, and a 'requires_jquery'
      option to drupal_add_js() which modules can set to FALSE when adding
      JavaScript files that have no dependency on jQuery (API addition:
      https://www.drupal.org/node/2462717).
    - Fixed incorrect foreign keys in the User module's role_permission and
      users_roles database tables.
    - Changed permission descriptions throughout Drupal core to consistently link
      to relevant administrative pages, regardless of whether the user viewing the
      Permissions page can view the page being linked to (minor UI change).
    - Fixed the drupal_add_region_content() function so that it actually adds
      content to the page.
    - Added an 'image_suppress_itok_output' variable to allow sites already using
      the existing 'image_allow_insecure_derivatives' variable to also prevent
      security tokens from appearing in image derivative URLs.
    - Fixed double-escaping of theme names in the Block module administrative
      interface (minor string change).
    - Added basic support for Xdebug when running automated tests.
    - Fixed a bug which caused previewing a node to remove elements from the node
      being edited. With this fix, calling node_preview() will no longer modify the
      passed-in node object (minor API change).
    - Added a user_has_role() function to check whether a user has a particular
      role (API addition: https://www.drupal.org/node/2462411).
    - Fixed installation failures when an opcode cache is enabled.
    - Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused private
      files to be inaccessible.
    - Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused user
      pictures to be lost.
    - Fixed missing language code in hook_field_attach_view_alter() when it is
      invoked from field_view_field().
    - Stopped sending ETag and Last-Modified headers for uncached page requests,
      since they break caching for certain Varnish and Nginx configurations.
    - Changed the Simpletest module to allow PSR-4 test classes to be used in
      Drupal 7.
    - Fixed a fatal error that occurred when using the Comment module's "Unpublish
      comment containing keyword(s)" action.
    - Changed the "lang" attribute on language links to "xml:lang" so it validates
      as XHTML (minor markup change).
    - Prevented the form API from allowing arrays to be submitted for various form
      elements, such as textfields, textareas, and password fields (API change:
      https://www.drupal.org/node/2462723).
    - Fixed a bug in the Contact module which caused the global user object to have
      the incorrect name and e-mail address during the remainder of the page
      request after the contact form is submitted.
    - Numerous small bug fixes.
    - Numerous API documentation improvements.
    - Additional automated test coverage.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/drupal7'
  unixtime: '1434627844'
  user: taca