Are you using Mollom on Drupal? Then do not upgrade to 6.x-1.11

Some days ago I updated the mollom Drupal module version 1.10 installed on this site with the new version 1.11.

For those unfamiliar with Drupal, Mollom is a service which analize comments, posts, etc to check for spam and blocks suspicious content. Mollom has been founded by Dries Buytaert and Benjamin Schrauwen. Dries is the project lead of Drupal and CTO at Acquia. So, yes: Mollom is high quality stuff created and maintained by top people on the Drupal ecosystem.

Unfortunately, as soon as I updated the mollom module I noticed that something was wrong: the configurations of the protected forms where missing after the update. All my forms where unprotected.

As soon as I noticed this I opened a bug report, but today I had the time to have a deep look on this and I found that it's due to a bad bug in the update path from 1.10 to 1.11. I reported it to Dries and Dave and they agreed on the gravity of this bug.

This is pretty bad as it looses the protected forms configuration of 1.10: this results in leaving all the forms unprotected against spam. As Mollom is installed in high profile Drupal websites (Sony, Adobe, LinuxJournal, Warner Bros Records, Netlog, NBC, etc) the consequences of this bug can be pretty bad.

So, if you are a Drupal and Mollom user stay away from 1.11 and wait till 1.12 which will fix this issue. Patches are already available and a new release should came soon.