Drupal.org users* can now use Two factor authentication to increase the security of their accounts. It can be enabled via Security tab of your user profile page. Read the detailed instructions at Enabling TFA on Drupal.org.
This was made available to Drupal.org admins in May. It is now required for users who have advanced access on Drupal.org. However, every user can benefit from the security that two factor authentication offers.
If you want to make two factor authentication available on your own Drupal site, you can install the TFA module.
* Two factor authentication is available for all users with the 'confirmed user' role. If you don't see 'Security' tab on your profile page, you might be missing the role. Just keep posting content on Drupal.org and it will be granted soon. You can also apply to get the role.Front page news: Planet Drupal
On July 9th 8pm UTC, Drupal.org will be migrating our Git server to a redundant cluster of 2 servers. This will provide failover in the event one server fails.
While we are working on the migration, users will not be able to commit files to Git or check files out of Git. We expect the migration to take up to 2 hours.
After the migration Host keys will change and your client might give an error message when pushing to Git. Consult your OS’s documentation on how to fix this error.
If you have any questions please raise an issue in the infrastructure issue queue. https://www.drupal.org/project/issues/infrastructure?categories=All
You can follow the progress of the migration at http://twitter.com/drupal_infra
Drupal 7.38 and Drupal 6.36, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.38 and Drupal 6.36 release notes for further information.Download Drupal 7.38
Download Drupal 6.36
Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement. More information on the Drupal 6.x release series can be found in the Drupal 6.0 release announcement.Security information
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 7 and 6 include the built-in Update Status module (renamed to Update Manager in Drupal 7), which informs you about important updates to your modules and themes.Bug reports
Drupal 7.38 and 6.36 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:
To fix the security problem, please upgrade to either Drupal 7.38 or Drupal 6.36.Known issues
None.Front page news: Planet DrupalDrupal version: Drupal 6.xDrupal 7.x