On Wednesday, April 25, a new version of Developer Services Portal is ready for you to apply. See How do I apply Apigee updates to my developer portal in the public cloud?
The following bug is fixed in this release.
|Issue ID||Component Name||Description|
|78464392||Developer Portal - Drupal||
Drupal 7 core highly critical Release April 25th, 2018 PSA-2018-003
The Drupal security team is giving advance notice of this issue due to its severity so that anyone running Drupal 7 can prepare to update their systems immediately. They anticipate once details are announced that some malicious agents will try to take advantage of the vulnerability right away.
Warning: Delays in deploying the patch could result in significant impact to your Developer Portal and potentially impact your environments within Apigee Edge.
For Cloud Customers:
Given the severity of the issue, Apigee will automatically apply the patch on your behalf after 24 hours if it is not already applied. Please note that it may take a few hours to roll the updates out across all customer sites. In order to see if the update has been applied, please go to Pantheon dashboard at https://pantheon.io or Acquia dashboard at https://accounts.acquia.com.
For On-premises (OPDK) Customers:
You are responsible for applying the patch. Steps to apply the update are described in Upgrading the Drupal version of a Private Cloud installation.
For more information, see https://www.drupal.org/project/drupal/releases/7.59 and https://www.drupal.org/psa-2018-003.