Jump to content
MDDHosting Forums

Drupal Security Update - Critical Vulnerabilities Patched

Michael D.

Recommended Posts

Drupal announced an update to Drupal core today to address two critical vulnerabilities. Drupal recommends users update their core:

If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6.
If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9.
If you are using Drupal 7.x, upgrade to Drupal 7.62.

Note: Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage. Sites on 8.5.x will receive security coverage until May 2019.

The vulnerabilities are announced as
Drupal Core - Third-party libraries - SA-CORE-2019-001

Drupal Core - Remote code execution - SA-CORE-2019-002

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...