2 min read

Drupal 7 Security Updates Released Ahead of End-of-Life Deadline

Drupal 7 Security Updates Released Ahead of End-of-Life Deadline

The Drupal Association has announced the release of critical security updates for Drupal 7 ahead of its end-of-life (EOL) on January 5, 2025. The update addresses an XSS vulnerability in the core Overlay module and a potential object injection flaw that could lead to remote code execution when combined with other vulnerabilities. Members of Tag1, including Ra Mänd and Fabian Franz, played a key role in issuing the security patches, which also included updates for several Drupal 7 contributed modules.

Following the EOL, the Drupal Security Team will cease updates for Drupal 7 core and contrib modules. To ensure continued support, the Drupal Association has authorized Tag1 as a Drupal 7 Extended Support (D7ES) partner. Tag1, with extensive experience managing post-EOL support for Drupal 6, will provide ongoing security updates and vulnerability monitoring for Drupal 7 sites. Organizations are encouraged to enroll in Tag1's D7ES program to maintain site security beyond January 2025.

Tag1's D7ES service offers continuity for Drupal 7 users, leveraging its position as a key contributor to the Drupal 7 codebase and its history of managing post-EOL support. By maintaining QA and testing systems for Drupal 7, Tag1 ensures compatibility and stability for ongoing updates. This service allows organizations to continue existing workflows and release procedures with minimal disruption. Read the official announcement for more details.

  

Source Reference

Title
New Critical Security Updates for Drupal 7 Highlight Importance of Drupal 7 Extended Support by Tag1
Byline
Not provided
Date of Publication
Organization
Drupal Association

Image Attribution Disclaimer: At The Drop Times (TDT), we are committed to properly crediting photographers whose images appear in our content. Many of the images we use come from event organizers, interviewees, or publicly shared galleries under CC BY-SA licenses. However, some images may come from personal collections where metadata is lost, making proper attribution challenging.

Our purpose in using these images is to highlight Drupal, its events, and its contributors—not for commercial gain. If you recognize an image on our platform that is uncredited or incorrectly attributed, we encourage you to reach out to us at #thedroptimes channel on Drupal Slack.

We value the work of visual storytellers and appreciate your help in ensuring fair attribution. Thank you for supporting open-source collaboration!

LinkedIn Comment

You May Like
Article
CKSource Offers Extended Support for CKEditor 4 in Drupal

CKSource Offers Extended Support for CKEditor 4 in Drupal
Article
CKSource Offers Extended Support for CKEditor 4 in Drupal

CKSource Offers Extended Support for CKEditor 4 in Drupal

ASK: Drupal Community Needs Your Support

View all →
Drupal
Drupal Association
Drupal 7 EOL
Tag1 Consulting

Disclosure: This content is produced with the assistance of AI.

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please reach out to us at #thedroptimes channel on Drupal Slack and we will try to address the issue as best we can.

Advertisement Here

Related Organizations

Related People

You may also like

Advertisement Here
You May Like
Interview
Pantheon Content Publisher: Working Back to the Roots of Innovation

Pantheon Content Publisher: Working Back to the Roots of Innovation
Build site with Drupal

Featured

Related

Latest News

Upcoming Events

View All Events

Latest Opportunities

Advertisement Here