Updates are continuing, if additional releases for either Drupal Core or modules indicate a "highly critical" status we will continue to cycle through all customer sites for these releases as well. You can check your Pantheon and Acquia dashboards for the latest version information, and we encourage you to apply updates directly as well.
Posted Apr 25, 2018 - 18:15 PDT
Identified
Drupal has identified the security release of Drupal 7 made available earlier today as upgraded from critical to highly critical, and with known exploits. Due to the severity of these issues Apigee deems it necessary to change our original plan to ensure the security of our customers’ sites. We will begin to run automated updates within the hour.
All sites will have non-production environments (Dev, Test & Multi-dev) updated to the latest version, including a recent update to a Drupal module just recently made available. In order to minimize impact to production environments a fix-specific, patch-only, release will be applied. It will be important to validate your site on your Test environment and fully deploy to Production so that your site is completely on the latest version of Drupal core.
If your site experiences any issues please contact Apigee Support for immediate assistance.
We are aware of at least one module (Media) which has indicated module-level updates are necessary after the recent Drupal core release update of 18.05.25.00. We will be working to provide an updated distribution and monitoring for additional impacted modules. We recommend monitoring releases periodically over the next few days.
Posted Apr 25, 2018 - 14:07 PDT
This incident affected: Developer Portal (Drupal-based (alternative)).