This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcements:
No other fixes are included.
No changes have been made to the
robots.txt or default
settings.php files in this release, so upgrading custom versions of those files is not necessary.
Important: If you are running Drupal 8.2.7 or earlier, update to Drupal 8.2.8 instead of 8.3.1 to apply the security fix as safely as possible. (You should still plan to update to this release at a later date, as the 8.2.x series is end-of-life and will not receive further updates.)
Minor releases like Drupal 8.3.0 may include changes to internal APIs and experimental modules that require updates to contributed and custom modules and themes per Drupal core’s backwards compatibility and experimental module policies. See the Drupal 8.3.0 release notes for more information on the new minor release, including requirements for updating from 8.2.x releases.