Critical vulnerability in Drupal core versions 6, 7 and 8
www.drupal.org/SA-CORE-2018-002
A week ago, the Drupal Security Team announced on March 28 a serious fix fixing a critical security bug that is relevant to all versions of Drupal 6.x, 7.x and 8.x. The bug allows an attacker to gain access to the hosting server with the rights of a web server. There is no known public exploit using this vulnerability, but most likely it will appear in the very near future, so all happy website owners on Drupal or those supporting them are strongly advised to install the update as soon as possible.
Sites running on versions 7.x and 8.x are lucky: they just need to install the kernel update to the latest version, or, if for some reason it is impossible, to roll a patch on the kernel, links to the corresponding patches and versions are in the information leaflet Drupal Security Team .
Site owners on the currently unsupported 6th version are less fortunate, there is no ready build for them, but there is a patch in the Drupal 6 Long Term Support project, you can download it here .
A week ago, the Drupal Security Team announced on March 28 a serious fix fixing a critical security bug that is relevant to all versions of Drupal 6.x, 7.x and 8.x. The bug allows an attacker to gain access to the hosting server with the rights of a web server. There is no known public exploit using this vulnerability, but most likely it will appear in the very near future, so all happy website owners on Drupal or those supporting them are strongly advised to install the update as soon as possible.
Sites running on versions 7.x and 8.x are lucky: they just need to install the kernel update to the latest version, or, if for some reason it is impossible, to roll a patch on the kernel, links to the corresponding patches and versions are in the information leaflet Drupal Security Team .
Site owners on the currently unsupported 6th version are less fortunate, there is no ready build for them, but there is a patch in the Drupal 6 Long Term Support project, you can download it here .
')
Source: https://habr.com/ru/post/352274/
All Articles