Changelog #37
Drupal core contains a potential PHP Object Injection vulnerability and all sites need updating immediately. This release also introduces a number of changes with the update to 10.3
Blog Topic: Security Update
Changelog #28
Drupal Core security update along with an upgrade of Drush 11
Changelog #18
A security patch is available for the Webform module for Drupal 8/9
Changelog #17
Moderately critical security release affecting the CKEditor library for WYSIWYG editing.
Changelog #16
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement.
Changelog #15
Moderately critical - Cross Site Scripting - security patch is now available for Webform module
Changelog #14
The Drupal project uses the CKEditor library for WYSIWYG editing.
CKEditor has released a security update that impacts Drupal.
Changelog #12
New Drupal 8 Version 8.9.17 is now available on the Pantheon Dashboard for review.
Changelog #10
Included in this release is a security patch to the Drupal module Ctools. There are also several other contributor modules updates in his release as we look to migrate the site to Drupal 9 in the coming months.
Changelog #9
Drupal core uses the third-party CKEditor library. This library has an error
in parsing HTML that could lead to an XSS attack. CKEditor 4.16.1 and later
include the fix.