Drupal 7.31 and Drupal 6.33 updated
Drupal 7.31 and Drupal 6.33 has been released. The new maintenance updates contains fixes for security vulnerabilities and available for download.
There are no new features or non-security-related bug fixes in these releases.
Drupal 7.31 and 6.33 were released in response to the detection of security vulnerabilities.
- The XML-RPC system in Drupal core will limited access to the XML-RPC in <?xml> statements contained within XML-RPC messages.
- The XML-RPC system and exists in the core OpenID module will also reject messages.
- PHP XML parser used by this XML-RPC endpoint is security vulnerabilities to an XML entity expansion attack and other related XML payload attacks which can cause CPU and memory tiredness and the site’s database to reach the maximum number of open connections (denial of service).
- Drupal core 7.x versions prior to 7.31.
- Drupal core 6.x versions prior to 6.33.
Please upgrade Drupal 7.x, upgrade to Drupal core 7.31 or Drupal 6.x, upgrade to Drupal core 6.33.
As a Drupal developer, Anubavam can leverage the open source Drupal framework to develop custom web applications, modules, and themes for the benefit of our clients. Our long history as a Drupal development company only enhanced our capabilities to develop hundreds of websites and mobile applications has changed our lives and our clients.