Issue 464 - November, 19th 2020
News
Drupal Core - Critical - Remote Code Execution - SA-CORE-2020-012
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue is resolved by the latest release.
Drupal 8.9 and Drupal 9.0 Marked Incompatible with PHP 8
Drupal.org Blog: Live Deployment Previews for Drupal Core (Thanks to TugboatQA!)
DrupalCon News: DrupalCon Europe Will Only Sustain if You Show Up for It
Get Involved with the Future of Drupal at DrupalCon Europe!
Community Working Group Posts: A Different Kind of Contribution - Become a Trained Drupal Event Code of Conduct Contact
From Our Sponsor
Planning your Drupal 9 Upgrade from Drupal 7
The timer counts down on Drupal 7 EOL. Still on Drupal 7? Learn the different paths available for moving to a more modern version of Drupal today. Read the blog.
Articles
Smart Date 3.1 and Beyond
ForTheDev for the Holidays
The holidays are quickly approaching and you probably need to find gifts for those developers in your life. Maybe yourself? Pick up some of our great developer t-shirts including our work from home and Drupal shirts. Want a WeeklyDrop shirt? We have them and much more.
The 7 Best Practices of a Good Editorial Experience
Tutorials
Absolute Menu Links in Drupal 8
Core Web Vitals - How to Debug and Improve Cumulative Layout Shift (CLS) Issues
Webinar: 5 Ways to Give Your Dev Agency a Competitive Advantage
Learn how development agencies in today’s competitive landscape use automation tools to ship better code, faster — and stand out as a clear choice for prospective clients. Join Testery and Tugboat on December 9 at 1pm CT.
Create a Drupal Site Copy in Acquia’s DevDesktop
Releases
config_suite 8.x-1.7
Ddev v1.16.0: Composer 2, PHP 8.0, Shopware 6, ARM64, Experimental Casual Webhosting
extra_field 8.x-1.3
file_download_link 8.x-1.1
Lando v3.0.19
node_title_validation 8.x-1.22
paragraphs_sets 8.x-2.6
paragraphs_viewmode 8.x-1.0
user_permission_condition 8.x-1.1
Video
Creating Complex Field Widgets on Drupal
Drupal.org GitLab Merge Request Demo
Headless & Drupal, a Journey to the Ultimate Developer Experience
Issue Forks and Merge Requests Demo at the Portland Drupal User Group
Podcasts
Drupal 7 Extended Support: An Overview of the Drupal 7 Extended Support Program - Tag1 TeamTalk #028.2
Jobs
List Your Job on Drupal Jobs
Wanna get the word out about your great Drupal job? Get your job in front of hundreds of Drupal job seekers every day at Jobs.Drupal.Org.
Featured Jobs
Full Stack Drupal Engineer
4AllPromos 
CT/US
Lead Drupal Developer
Third and Grove US
DevOps Full Stack Developer
Spry Digital US
