Maintenance and security release of the Drupal 8 series.
This release fixes highly critical security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:
Drupal core - Highly Critical - Remote Code Execution - SA-CORE-2018-002
No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.
A change to Update Status module was also made to fix language around unsupported versions of Drupal core. Drupal 8.4 and below is no longer supported; please upgrade to Drupal 8.5 for support.
Known issues:
As of this release, Drupal strips out several potentially dangerous values from user-provided input. This is unlikely to break sites because the values that are stripped are very rarely used intentionally.
Пошаговое описание обновления системы до новой версии смотрите в документации.