Security-related announcements, such as information on best practices. These posts by the Drupal security team are also sent to the security announcements e-mail list.
This Public Service Announcement is a follow up to SA-CORE-2014-005 - Drupal core - SQL injection. This is not an announcement of a new vulnerability in Drupal.
This is a short addition to the security announcements released on October 30th.
Due to Drupal.org's scheduled downtime on October 31, not all links in those mails may be available when you need them.
If you encounter this situation, please use the following direct URLs to the archives containing the updates.
Drupal is a registered trademark of Dries Buytaert.