Security update

Fixes Authenticator Login - Critical - Access bypass - SA-CONTRIB-2025-009

User must be authenticated before accessing their 2FA settings form and each user can access their own 2FA settings form.

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2023-005

Github milestone: 8.x-1.27

Changelog:

Fix API Product entity query access issue, via PR #791.

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2023-005

Github milestone: 2.0.8

Changelog:

Fix API Product entity query access issue, via PR #790.

This is a security release of the Drupal 9 series.

This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:

• Drupal core - Moderately critical - Information disclosure - SA-CORE-2023-001

No other fixes are included.

This is a security release of the Drupal 9 series.

This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:

• Drupal core - Moderately critical - Information disclosure - SA-CORE-2023-001

No other fixes are included.

This is a security release of the Drupal 10 series.

This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:

• Drupal core - Moderately critical - Information disclosure - SA-CORE-2023-001

No other fixes are included.