For full release notes and upgrade instructions, please see http://docs.acquia.com/commons.
Drupal Commons 3.10 (Drupal 7.27 core) contains the following updates, fixes, and security patches:
The theme did not sufficiently sanitize theme settings input for custom copyright information
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer themes".
SA-CONTRIB-2014-043 - Removed Cross site scripting in Custom Search Taxonomy module settings
Changes since 7.x-1.0-rc2:
Maintenance and security release of the Drupal 7 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
No other fixes are included.