Security update

Fixes Services - Critical - SQL Injection - SA-CONTRIB-2017-054

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

• Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-003

No other fixes are included.

Maintenance and security release of the Drupal 8 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcements:

• Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2017-003

No other fixes are included.

See Search404 - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2017-053

Fixes the security vulnerabilities in Search404 - Lack of sanitisation in `search404_page_text` variable

All 7.x releases of Search404 are affected. It is recommended that all users upgrade to latest version.

Fixes the security vulnerabilities in LDAP - Critical - Data Injection -SA-CONTRIB-2017-052.

All 2.x releases of LDAP are affected, users are strongly recommended to upgrade.

Known limitations:

• LDAP Views integration is still incomplete
• You cannot install ldap_user with a default language other than English. Switch your site before installing this module, see also https://www.drupal.org/node/2837074
• Test coverage is still very limited and thus regressions are more likely than we would like.
• If you use authorization, you will likely want to use the patches in these issues: