Voting starts in March for the Drupal Association Board election.
Maintenance and security release of the Drupal 8 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcements:
No other fixes are included.
In certain configurations and environments, batched exports may not be downloadable. A patch that should address the issue is available in #2800895-8: Access denied when performing batched export as admin.
Changes since 7.x-3.0-beta9:
This resolves the following SA:
No other updates are included in this release.
Please note that both the 7.x-1.x branch and the 7.x-3.x branch are affected.
Changes since 7.x-3.7:
See Workbench Scheduler - Moderately Critical - Access Bypass - SA-CONTRIB-2016-049
Changes since 7.x-1.8:
In addition to the news page and sub-tabs, all security announcements are posted to an email list. To subscribe to email: log in, go to your user profile page and subscribe to the security newsletter on the Edit » My newsletters tab.
You can also get rss feeds for core, contrib, or public service announcements or follow @drupalsecurity on Twitter.
In order to report a security issue, or to learn more about the security team, please see the Security team handbook page.
If you are a Drupal developer, please read the handbook section on Writing secure code.
Drupal is a registered trademark of Dries Buytaert.