Jump to content


Drupal Security Update - Critical Vulnerabilities Patched

  • Please log in to reply
No replies to this topic

#1 MikeDVB


    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,902 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 17 January 2019 - 09:16 AM

Drupal announced an update to Drupal core today to address two critical vulnerabilities. Drupal recommends users update their core:

If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
If you are using Drupal 7.x, upgrade to Drupal 7.62.
Note: Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage. Sites on 8.5.x will receive security coverage until May 2019.
The vulnerabilities are announced as
Drupal Core - Third-party libraries - SA-CORE-2019-001

Drupal Core - Remote code execution - SA-CORE-2019-002

  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users