En

Drupal官网安全更新(2021-09-15)

来源:Drupal官网 发布日期:2021-09-15 阅读次数:9417 评论:0

基本信息

发布日期:2021-09-15(官方当地时间)

更新类型:安全更新

更新版本:9.2.6

感知时间:2021-09-16 01:27:00

风险等级:未知

情报贡献:TSRC

更新标题

drupal 9.2.6

更新详情

Maintenance and security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006
Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-007
Drupal core - Moderately critical - Access bypass - SA-CORE-2021-008
Drupal core - Moderately critical - Access bypass - SA-CORE-2021-009
Drupal core - Moderately critical - Access bypass - SA-CORE-2021-010

No other fixes are included.
Which release do I choose? Security coverage information

Drupal 9.2.x will receive security coverage until June 15, 2022 when Drupal 9.4.0 is released.
Sites on 9.1.x or earlier should update immediately to Drupal 9.1.13 instead of this release, and plan to update to the latest 9.x release before December 8, 2021 (when Drupal 9.3.0 is scheduled for release and 9.1.x security coverage ends).
Sites on 8.9.x should update immediately to Drupal 8.9.19 instead of this release, and update to Drupal 9 as soon as possible afterward because Drupal 8 is end-of-life in six weeks.
Versions of Drupal 9 prior to 9.1.x and of Drupal 8 prior to 8.9.x are end-of-life and do not receive security coverage.

Important update information


No changes have been made to the .htaccess, web.config, robots.txt, or default settings.php files in this release, so upgrading custom versions of those files is not necessary if your site is already on the previous release.

Release type: Security update

软件描述

Drupal是使用PHP语言编写的开源内容管理框架(CMF),它由内容管理系统(CMS)和PHP开发框架(Framework)共同构成。

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入