En

Drupal官网安全更新(2021-09-15)

来源:Drupal官网 发布日期:2021-09-15 阅读次数:7390 评论:0

基本信息

发布日期:2021-09-15(官方当地时间)

更新类型:安全更新

更新版本:8.9.19

感知时间:2021-09-16 01:27:00

风险等级:未知

情报贡献:TSRC

更新标题

drupal 8.9.19

更新详情

Maintenance and security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006
Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-007
Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-008
Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-009
Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-010

No other fixes are included.
Which release do I choose? Security coverage information

Sites on 8.9.x should update immediately to this release, but update to Drupal 9 as soon as possible afterward because Drupal 8 is end-of-life in six weeks! Starting in November 2021, Drupal 8 sites will no longer receive security updates. It is essential to update your Drupal 8 sites as soon as possible.
Versions of Drupal 8 prior to 8.9.x are end-of-life and do not receive security coverage.

Important update information


No changes have been made to the .htaccess, web.config, robots.txt, or default settings.php files in this release, so upgrading custom versions of those files is not necessary if your site is already on the previous release.
Release type: Security update

软件描述

Drupal是使用PHP语言编写的开源内容管理框架(CMF),它由内容管理系统(CMS)和PHP开发框架(Framework)共同构成。

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入