Software update: Drupal 7.62 / 8.5.9 / 8.6.6




Updates have appeared for versions 7 , 8.5 and 8.6 of Drupal, which need to fix various vulnerabilities. Drupal is a php-written, user-friendly and powerful content management platform with which, for example, websites can be created. It is simple enough for a novice user, but powerful enough to build a more complex website. The program includes a content management platform and a development framework. Advisory SA-CORE-2019-001 mentions the removal of a vulnerability in the PEAR Archive_Tar library.

Security risk:
Critical 16/25 AC: Complex / A: User / CI: All / II: All / E: Proof / TD: Uncommon

Third Party Libraries

Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details.

If you are using Drupal 8.6.x, upgrade to Drupal 8.6.6 .
If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.9 .
If you are using Drupal 7.x, upgrade to Drupal 7.62 .
Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Drupal 8.6.0 Umami food magazine demo (620 pix)

Version number 7.62 / 8.5.9 / 8.6.6
Release status Final
Operating systems Script language
License type GPL


In: A Technology & Gadgets Asked By: [23633 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »