Drupal 7.27 and Drupal 6.31, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.27 and Drupal 6.31 release notes for further information.
You may have heard that a vulnerability in the OpenSSL cryptographic library called Heartbleed or formally called CVE-2014-0160 has been disclosed and that it represents a potential security threat to a large number of websites. Using this vulnerability, malicious individuals could access sensitive information submitted by people actively visiting a website including usernames, passwords and credit card numbers. Users across the Internet should be especially aware of suspicious activity on their accounts.
Drupal.org will be going down for up to 1 hour starting Wednesday, Mar 19, 17:00 PDT (Mar 20, 0:00 UTC). This maintenance window will be used for routine Drupal module updates, which need to alter large tables. Logging into sub-sites (api.drupal.org, groups.drupal.org, etc) will be down; they will otherwise remain available. Please follow the @drupal_infra Twitter account for updates during the downtime. Thanks for your patience!
It’s official! According to the Drupal.org project usage stats, Drupal has more than a million sites (1,005,489 as of February 15) live and in production on the web.
This number under-reports reality, because the project usage stats don’t count *all* Drupal sites on the web. For more information on how project usage stats are counted, visit the usage statistics page.