- πΊπΈUnited States smustgrave
Wonder if this is a duplicate of π If the site is on an insecure version of an old minor and there is a secure version of that old minor available, the update status report should link that release Needs work
- Status changed to Active
7 months ago 10:20pm 29 January 2024 - πΊπΈUnited States dww
Hrm, no, I don't think so. That issue is about handling edge cases for folks that are on older releases, and what specific release the Available Updates report recommends.
This issue is about the fact that not all security releases are created equally - many require you're already an admin on the site, etc. Very few are actually "holy crap, drop everything and upgrade NOW!". This issue aims to get updates.d.o and update manager to somehow convey the severity of the security issues. Something along the lines of at least reporting the "threat level" info from the SA directly in the Update Manager UI. TBD. But it's not a duplicate request AFAICT.
Thanks,
-Derek - πΊπΈUnited States dww
Sorry, it's called "Security risk" on the SAs. E.g. if it was warning you about the 10.2.2 core release and https://www.drupal.org/sa-core-2024-001 β , it'd say something like "Security risk: Moderately critical 11β25 AC:None/A:None/CI:None/II:None/E:Theoretical/TD:Default". Or however we decided to put that in the UI.