This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcements:
No other fixes are included.
No changes have been made to the
robots.txt, or default
settings.php files in this release, so upgrading custom versions of those files is not necessary.
After upgrading to Drupal 8.2.8, the site's "Available updates" page may still list Drupal 8.3.1 as an additional required security update, but this information is incorrect and can be ignored; both Drupal 8.2.8 and Drupal 8.3.1 contain the same security fix. However, the 8.2.x series is end-of-life and will not receive further updates, so you should also plan to update to Drupal 8.3.1 or later once you have had a chance to test thoroughly. See the Drupal 8.3.0 release notes for more information on the new minor release, including requirements for updating from 8.2.x releases.
There are no known regressions in this release since 8.2.7.