Number: AV16-035
Date: 25 February 2016
Purpose
The purpose of this advisory is to bring attention to a Drupal Security Release.
Assessment
Drupal has released updates to address multiple security vulnerabilities. Some of these vulnerabilities can allow a remote attacker to take control of an affected system.
Affected Versions:
Drupal core 6.x versions prior to 6.38
Drupal core 7.x versions prior to 7.43
Drupal core 8.0.x versions prior to 8.0.4
Suggested Action
CCIRC recommends that owner/operators test and deploy the vendor released update or workaround to affected platforms accordingly.
References: