Following the Drupal project announcement last week that there will be a highly critical security patch disclosed, we want to draw your attention to this announcement and encourage you to apply this security patch as fast as possible after it is released on the afternoon of Wednesday, March 28th around 2pm EDT.
The exact nature of the security issue is still not known but according to the announcement it is important that we apply the patch as soon as possible. The security issue affects both Drupal 7 and 8. You can consult the announcement that was published by the Drupal project here:
Update 2018-03-28: The installations Drupal for clients with Aegir & AegirVPS services are patched for this issue. Note that the version of Drupal shown by your site will not changed until the next complete update.
- Complete announcement: https://www.drupal.org/sa-core-2018-002
- Drupal 6 patch: https://www.drupal.org/files/issues/2018-03-28/SA-CORE-2018-002.patch