[LTER-im] Fwd: New Drupal Patch Released Today - Please patch ASAP

Eda C. Melendez-Colom edacorreo at yahoo.com
Wed Apr 25 14:00:57 PDT 2018 

Thank you Wade. We'll look into this and act accordingly.

EDA


Eda C. Melendez Colom
 Information Manager
 LTER Program
 University of Puerto Rico
 Tel. (787) 764-0000 (1-88225)
 Fax (787) 772 -1481 

    On Wednesday, April 25, 2018, 4:53:50 PM EDT, Wade Sheldon <sheldon at uga.edu> wrote:  
 
   For anyone running Drupal 7.x or 8.x who isn't keeping up with Drupal core news, please see the info below about patching a critical vulnerability.
 
 Stay safe!
 
 Wade Sheldon
 GCE LTER
 
 
 
 -------- Forwarded Message -------- 
| Subject:  | New Drupal Patch Released Today - Please patch ASAP |
| Date:  | Wed, 25 Apr 2018 18:41:49 +0000 |
| From:  | Lance K Peiper <lpeiper at UGA.EDU> |
| Reply-To:  | Lance K Peiper <lpeiper at UGA.EDU> |
| To:  | UGANET at LISTSERV.UGA.EDU |

 
 
  
UGANet,
 
  
 
An update to the Drupal 7.x and 8.x patches released on March 28th was released today.
 
  
 
https://www.drupal.org/sa-core-2018-004
 
  
 
Please patch any affected systems as soon as possible.  This issue is a new critical remote code execution vulnerability and it is only a matter of time before attackers attempt to exploit it.  
 
  
 
Thank you,
 
  
  
Lance Peiper
 
IT Associate Director
 
EITS - Information Security
 
University of Georgia
 
(706)542-5108
 
lpeiper at uga.edu
  
  
 
  
  
From: Technical Discussion for UGA Networking <UGANET at LISTSERV.UGA.EDU> on behalf of Brantley Hobbs <bhobbs at ITOS.UGA.EDU>
 Reply-To: Brantley Hobbs <bhobbs at itos.uga.edu>
 Date: Wednesday, March 28, 2018 at 10:19 AM
 To: "UGANET at LISTSERV.UGA.EDU" <UGANET at LISTSERV.UGA.EDU>
 Subject: Heads up for folks hosting Drupal sites
   
  
  
This is just a heads up for folks running Drupal sites.
 
 
 
Last week the Drupal security team announced that today, Mar. 28th, between the hours of 18:00-19:30 UTC, they will be releasing new versions of Drupal for both Drupal 7 and Drupal 8.  This patch is for Drupal core; not for a module.
 
 
 
I assume that since we were given a one week warning for this patch, this is likely to address a pretty bad, and pretty easy hole to exploit.  Expect zero day exploits on this, in other words.
 
 
 
You probably want to make sure your sites are patched as quickly as you can, as soon as the patch drops.
 
 
 
Brantley Hobbs 
 
Carl Vinson Institute of Government
 
The University of Georgia
 
 
 
1180 East Broad Street | Athens, GA 30602
 Phone: 706-542-2097 | Fax: 706-542-6535
 bhobbs at itos.uga.edu
 www.vinsoninstitute.org
 
 
 

 
 
   _______________________________________________
Long Term Ecological Research Network
im mailing list
im at lternet.edu

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lternet.edu/pipermail/im/attachments/20180425/96a01656/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 4495 bytes
Desc: not available
URL: <http://lists.lternet.edu/pipermail/im/attachments/20180425/96a01656/attachment-0001.jpg>

More information about the im mailing list