On April 21, 2021, a critical security advisory was released for Drupal core to disclose a cross-site scripting vulnerability, affecting all currently-supported versions of Drupal (7, 8, and 9).
New versions of the UT Drupal Kit for both Drupal 7 and Drupal 9 incorporate the updated versions of Drupal core which address this vulnerability. There are no other changes in these releases.
It is recommended that all users of the UT Drupal Kit update their sites with this latest version as soon as practicable.