Updates have been released for versions 8.7 and 8.8 of Drupal. Drupal is a PHP-written, user-friendly and powerful content management platform that can be used to create websites, for example. It is simple enough for a novice user, but powerful enough to build a more complex website as well. The program includes a content management platform and a development framework. Version 8.8 is the last version in which (major) changes are still being made. Both version 9.0 and version 8.9 will be released in early June. The latter is a version where long-term support will be provided. These updates should address a severely identified vulnerability in the CKEditor.
Maintenance and security release of the Drupal 8 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:
- Drupal core – Moderately critical – Third-party libraries – SA-CORE-2020-001
No other fixes are included.
Which release do I choose? Security coverage information
- Drupal 8.8.x will receive security coverage until December 2, 2020 when Drupal 9.1.0 is released.
- Sites on 8.7.x or earlier should update immediately to Drupal 8.7.12 instead, and plan to update to the latest 8.8.x release before June 3, 2020 (when Drupal 8.9.0 is scheduled for release and 8.7.x security coverage ends).
- Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.
Important update information
No changes have been made to the
robots.txt or default
settings.php files in this release, so upgrading custom versions of those files is not necessary if your site is already on the previous release.