Article

Advisory: Drupal Releases Security Update

Description

Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal.

Affected systems

The released security updates are for fixing the following vulnerability:

CVE-2022-39261

Security Risks

An attacker could exploit this vulnerability to access sensitive information.

For the full list of security patches released by Drupal, please refer to Drupal Security Advisories page.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

a. Upgrade, as soon as possible, to the latest supported version of Drupal CMS in-order to receive security updates and patches.

The latest Drupal stable versions, to be upgraded to are:

Drupal 9.4.7

Drupal 8 has reached its end-of-life.

b. Before applying patches, please ensure you have the latest backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009

Reference

https://www.drupal.org/sa-core-2022-016

https://www.drupal.org/security

02 October 2022

More updates

20 December 2022

Advisory: VMware Security Advisory

VMware released security updates for its products to address the heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI).

30 October 2022

Advisory: Apple iOS and macOS Flaw’s security advisory

Apple has released security updates to address vulnerabilities in iOS and macOS, including a new zero-day flaw that is being actively exploited by…