July 18th, 2016
Drupal 8.1.7, a maintenance release which contains fixes for security vulnerabilities, is now available for download.
See the Drupal 8.1.7 release notes for further information.
Upgrading your existing Drupal 8 sites is strongly recommended. There are no new features nor non-security-related bug fixes in this release. For more information about the Drupal 8.1.x release series, consult the Drupal 8 overview.
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 8 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.
Drupal 8.1.x is actively maintained, so more maintenance releases will be made available, according to our monthly release cycle.
Drupal 8.1.7 was released in response to the discovery of security vulnerabilities. Details can be found in the official security advisories:
- Drupal Core - Highly Critical - Injection - SA-CORE-2016-003
To fix the security problem, please upgrade to Drupal 8.1.7.
See the 8.1.7 release notes for details on important changes in this release.
See the 8.1.7 release notes for known issues.