Security-related announcements, such as information on best practices. These posts by the Drupal security team are also sent to the security announcements e-mail list.

Drupal 7 and 8 core critical release on April 25th, 2018 PSA-2018-003

There will be a security release of Drupal 7.x, 8.4.x, and 8.5.x on April 25th, 2018 between 16:00 - 18:00 UTC. This PSA is to notify that the Drupal core release is outside of the regular schedule of security releases. For all security updates, the Drupal Security Team urges you to reserve time for core updates at that time because there is some risk that exploits might be developed within hours or days. Security release announcements will appear on the Drupal.org security advisory page.

Drupal 7 and 8 core highly critical release on March 28th, 2018 PSA-2018-001

  • Advisory ID: DRUPAL-PSA-2018-001
  • Project: Drupal Core
  • Version: 7.x, 8.x
  • Date: 2018-March-21

Update on Views Ajax vulnerability for Drupal 7 Views and Drupal 8 core. -- PSA-2017-002

  • Advisory ID: DRUPAL-PSA-2017-002
  • Project: Drupal contributed modules
  • Version: 7.x, 8.x
  • Date: 2017-Aug-16

Drupal 8 core upcoming critical release PSA-2017-001

  • Advisory ID: DRUPAL-PSA-2017-001
  • Project: Drupal core
  • Version: 8.x
  • Date: 2017-Apr-17

PHPmailer 3rd party library -- DRUPAL-SA-PSA-2016-004

Pages

Subscribe with RSS Subscribe to RSS - Security public service announcements