
<html><head></head><body><div style="font-family:lucida console, sans-serif;font-size:13px;"><div><div>Thank you Wade. We'll look into this and act accordingly.<br><div><br>EDA<br></div></div><div><br></div><div><br></div><div class="ydp9a3dc5casignature">Eda C. Melendez Colom<br> Information Manager<br> LTER Program<br> University of Puerto Rico<br> Tel. (787) 764-0000 (1-88225)<br> Fax (787) 772 -1481</div></div>

            <div><br></div><div><br></div>

            
            <div id="ydpa4177e52yahoo_quoted_4741048477" class="ydpa4177e52yahoo_quoted">

                <div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">

                    
                    <div>

                        On Wednesday, April 25, 2018, 4:53:50 PM EDT, Wade Sheldon <sheldon@uga.edu> wrote:

                    </div>

                    <div><br></div>

                    <div><br></div>

                    <div><div id="ydpa4177e52yiv0106405295">

  
  <div>

    For anyone running Drupal 7.x or 8.x who isn't keeping up with

    Drupal core news, please see the info below about patching a

    critical vulnerability.<br>

    <br>

    Stay safe!<br>

    <br>

    Wade Sheldon<br>

    GCE LTER<br>

    <br>

    <div class="ydpa4177e52yiv0106405295moz-forward-container"><br>

      <br>

      -------- Forwarded Message --------

      <table class="ydpa4177e52yiv0106405295moz-email-headers-table" cellspacing="0" cellpadding="0" border="0">

        <tbody>

          <tr>

            <th valign="BASELINE" nowrap="" align="RIGHT">Subject:

            </th>

            <td>New Drupal Patch Released Today - Please patch ASAP</td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="" align="RIGHT">Date: </th>

            <td>Wed, 25 Apr 2018 18:41:49 +0000</td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="" align="RIGHT">From: </th>

            <td>Lance K Peiper <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:lpeiper@UGA.EDU" rel="nofollow" target="_blank"><lpeiper@UGA.EDU></a></td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="" align="RIGHT">Reply-To:

            </th>

            <td>Lance K Peiper <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:lpeiper@UGA.EDU" rel="nofollow" target="_blank"><lpeiper@UGA.EDU></a></td>

          </tr>

          <tr>

            <th valign="BASELINE" nowrap="" align="RIGHT">To: </th>

            <td><a class="ydpa4177e52yiv0106405295moz-txt-link-abbreviated" href="mailto:UGANET@LISTSERV.UGA.EDU" rel="nofollow" target="_blank">UGANET@LISTSERV.UGA.EDU</a></td>

          </tr>

        </tbody>

      </table>

      <br>

      <br>

      
      <div class="ydpa4177e52yiv0106405295WordSection1">

        <p class="ydpa4177e52yiv0106405295MsoNormal">UGANet,</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">An update to the Drupal 7.x and 8.x patches

          released on March 28<sup>th</sup> was released today.</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><a href="https://www.drupal.org/sa-core-2018-004" rel="nofollow" target="_blank">https://www.drupal.org/sa-core-2018-004</a></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">Please patch any affected systems as soon

          as possible.  This issue is a new critical remote code

          execution vulnerability and it is only a matter of time before

          attackers attempt to exploit it. 

          </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">Thank you,</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <div>

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;">Lance Peiper</span></p> 

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;">IT Associate Director</span></p> 

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;">EITS - Information Security</span></p> 

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;">University of Georgia</span></p> 

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;">(706)542-5108</span></p> 

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:12.0pt;font-family:New;"><a class="ydpa4177e52yiv0106405295moz-txt-link-abbreviated" href="mailto:lpeiper@uga.edu" rel="nofollow" target="_blank">lpeiper@uga.edu</a></span></p> 

        </div>

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">  </p> 

        <div style="border-color: rgb(181, 196, 223) currentcolor currentcolor; border-style: solid none none; border-width: 1pt medium medium; padding: 3pt 0in 0in;">

          <p class="ydpa4177e52yiv0106405295MsoNormal"><b><span style="color:black;">From: </span></b><span style="color:black;">Technical Discussion for UGA

              Networking <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:UGANET@LISTSERV.UGA.EDU" rel="nofollow" target="_blank"><UGANET@LISTSERV.UGA.EDU></a> on behalf of

              Brantley Hobbs <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:bhobbs@ITOS.UGA.EDU" rel="nofollow" target="_blank"><bhobbs@ITOS.UGA.EDU></a><br>

              <b>Reply-To: </b>Brantley Hobbs

              <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:bhobbs@itos.uga.edu" rel="nofollow" target="_blank"><bhobbs@itos.uga.edu></a><br>

              <b>Date: </b>Wednesday, March 28, 2018 at 10:19 AM<br>

              <b>To: </b><a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:UGANET@LISTSERV.UGA.EDU" rel="nofollow" target="_blank">"UGANET@LISTSERV.UGA.EDU"</a>

              <a class="ydpa4177e52yiv0106405295moz-txt-link-rfc2396E" href="mailto:UGANET@LISTSERV.UGA.EDU" rel="nofollow" target="_blank"><UGANET@LISTSERV.UGA.EDU></a><br>

              <b>Subject: </b>Heads up for folks hosting Drupal sites</span><span style="font-size:12.0pt;color:black;"></span></p> 

        </div>

        <div>

          <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-family:New;">  </span></p> 

        </div>

        <p class="ydpa4177e52yiv0106405295MsoNormal">This is just a heads up for folks running

          Drupal sites.</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">Last week the Drupal security team

          announced that today, Mar. 28<sup>th</sup>, between the hours

          of 18:00-19:30 UTC, they will be releasing new versions of

          Drupal for both Drupal 7 and Drupal 8.  This patch is for

          Drupal core; not for a module.</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">I assume that since we were given a one

          week warning for this patch, this is likely to address a

          pretty bad, and pretty easy hole to exploit.  Expect zero day

          exploits on this, in other words.</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal">You probably want to make sure your sites

          are patched as quickly as you can, as soon as the patch drops.</p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:10.5pt;font-family:Arial;">Brantley Hobbs

          </span></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:10.5pt;font-family:Arial;">Carl Vinson

            Institute of Government</span></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:10.5pt;font-family:Arial;">The University of

            Georgia</span></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="font-size:10.5pt;font-family:Arial;">1180 East Broad

            Street | Athens, GA 30602<br>

            Phone: 706-542-2097 | Fax: 706-542-6535<br>

            <a href="mailto:bhobbs@itos.uga.edu" rel="nofollow" target="_blank">bhobbs@itos.uga.edu</a><br>

            <a href="http://vinsoninstitute.org/" rel="nofollow" target="_blank">www.vinsoninstitute.org</a></span></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><span style="color:#1F497D;"> </span></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"><b><span style="color:#1F497D;"><img id="ydpa4177e52yiv0106405295Picture_x005f_x0020_2" src="cid:UFkgCcs3DUT89TGF50Oz" alt="mail-Logo" class="ydpa4177e52yiv0106405295" data-inlineimagemanipulating="true" style="width: 218px; max-width: 800px;" draggable="false" border="0"></span></b></p> 

        <p class="ydpa4177e52yiv0106405295MsoNormal"> </p> 

      </div>

    </div>

  </div>


</div>_______________________________________________<br>Long Term Ecological Research Network<br>im mailing list<br><a href="mailto:im@lternet.edu" rel="nofollow" target="_blank">im@lternet.edu</a><br><br></div>

                </div>

            </div></div></body></html>