![]() More information on managing Guzzle with Drupal 9.4. I see code in pm.drush.inc that leads me to believe this would be. With this new command, you could apply only security-related updates. Now as it stands, you have to pick and choose through the available updates manually to apply security updates. This would be useful for automating security updates. Note that Drupal 8 has reached its end of life.Īdvanced users may also work around this issue by temporarily using drupal/core instead of drupal/core-recommended and then updating Guzzle to the desired version. I've been asked to work on a patch for drush to support doing just security updates. If you are using Drupal 9.2, update to Drupal 9.2.21.Īll versions of Drupal 9 prior to 9.2.x are end-of-life and do not receive security coverage.If you are using Drupal 9.3, update to Drupal 9.3.16.If you are using Drupal 9.4, update to Drupal 9.4.0-rc2. There was a significant security flaw identified in the version of Drupal your site is running that was fixed in a security patch that was released released on.This advisory is not covered by Drupal Steward. Guzzle has rated these vulnerabilities as high-risk. The Drupal security team is issuing this security advisory outside their regular Drupal security release window schedule since Guzzle has already published information about the vulnerabilities, and vulnerabilities might exist in contributed modules or custom modules that use Guzzle for outgoing requests. These do not affect Drupal core, but may affect some contributed projects or custom code on Drupal sites. Fix failure to strip Authorization header on HTTP downgrade.Failure to strip the Cookie header on change in host or HTTP downgrade Find out the latest security updates and vulnerabilities for Drupal core and contributed projects, such as Paragraphs, Mail Login, Content Moderation Notifications, and more.Guzzle has released two security advisories: Drupal uses the third-party, Guzzle library for handling HTTP requests and responses to external services.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |