News and announcements

I own these expiring domains but I would like the Drupal community to have them
drupalblog.com - Buy it now price = $20
drupaldir.com - Buy it now price = $20
drupaltalk.com - Buy it now price = $20

First one to reach $20 gets the domain, but I'll also accept offers above or equal to $10

They are about to expire and I would hate to see a spammer grab them.

They are at namecheap, so I can easily push them to your account. Once your purchase is confirmed.

Payment is via paypal.

Post your offers publicly... thanks

Well-known marketing and internet guru Seth Godin has compiled a Web 2.0 Traffic Watch List from real-time Alexa traffic rankings.

It's great that Drupal is so highly ranked and also get the attention it deserves. The next pure CMS site on the ranking is pMachine, makers of ExpressionEngine at #97.

From the Twit.tv website:

FLOSS Weekly 12: PHP Creator Rasmus Lerdorf

Hosts: Chris DiBona and Leo Laporte

Guest: Rasmus Lerdorf, creator of PHP talks about the origins of the language and his favorite PHP sites including:
...

• Drupal

This is a pretty nice publicity for Drupal.

More info: Floss Weekly n°12

Hi,
I just read this security advisory and was wondering if only clean urls is affected by mod_rewrite and if Drupal 4.7 does any of the following (I am not a programmer):

CVE-2006-3747: An off-by-one flaw exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.

Depending on the manner in which Apache HTTP Server was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution. This issue has been rated as having important security impact by the Apache HTTP Server Security Team.

This flaw does not affect a default installation of Apache HTTP Server. Users who do not use, or have not enabled, the Rewrite module mod_rewrite are not affected by this issue. This issue only affects installations using a Rewrite rule with the following characteristics:

* The RewriteRule allows the attacker to control the initial part of the rewritten URL (for example if the substitution URL starts with $1)
* The RewriteRule flags do NOT include any of the following flags: Forbidden (F), Gone (G), or NoEscape (NE).

I have mod_rewrite enabled on our Apache server and will disable it if clean urls are the only affected module. Unless there is something in the .htaccess file that can be adjusted?

Note: this post is related to an earlier "call for nominations".

CMS Wire has mentioned Drupal as it discusses a call for nominations for Packt's "The Best Open Source CMS" competition. Please cast your nomination vote for Drupal TODAY as "The Best Open Source CMS".

Packt's annual open source CMS awards will be announced November 14. A spokesperson for the publisher says the awards grew out of questions regarding what the best open source content management system actually is. The awards are meant to recognize "outstanding achievement" in the open source CMS market.

The Award is split up into two main stages. Firstly, nominations will begin in July. This is your chance to put forward your favourite CMS to through to the Final Five, which will be announced at the beginning of September; this is when the voting stage begins. Voting closes at the beginning of November, with the winner of the Award announced later that month.

Open Source CMS Award Timeline The
Award Timeline is split up into two main stages. Firstly, nominations will begin in July. This is your chance to put forward your favourite CMS to through to the Final Five, which will be announced at the beginning of September; this is when the voting stage begins. Voting closes at the beginning of November, with the winner of the Award announced later that month.