This is an important security update of the D7 branch. All sites owners are urged to update their system immediately! This release fixes multiple vulnerabilities found in third-party library Archive_Tar.
Websites effected are those that configured to allow .tar, .tar.gz, .bz2 or .tlz file uploading and processing. To fix all these issues just update to the latest Drupal core.
There are no changes have been made to the following files: .htaccess, web.config, robots.txt and default settings.php. That means there are no need to upgrade these files custom versions.
Drupal allows several way to upgrade its core. If you are not sure which one to choose, visit project's update help page to read about each of them to find the right one for your project.
Remember, before making any changes create Drupal's data base backup, even better full system back up.
If you need any assistance with your Drupal based website, contact Web Admin. We back up your files and update your website to the latest version.