Update: Drupal 7.15 and Drupal 6.27 are now available.

Drupal 7.14 is now available, which contains bug fixes as well as fixes for security vulnerabilities from Drupal 7.13.

Drupal 6.26, which fixes known bugs (no security issues) is also available for download.

Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features in these releases. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement, more information on the 6.x releases can be found in the Drupal 6.0 release announcement. Drupal 5 is no longer maintained, upgrading to Drupal 7 is recommended.

Security information

We have a security announcement mailing list, a history of all security advisories, and an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 7 and 6 include the built-in Update status module, which informs you about important updates to your modules and themes.

Bug reports

Both Drupal 7.x and 6.x branches are being maintained, so given enough bug fixes (not just bug reports) more maintenance releases will be made available, according to our monthly release cycle.


Drupal 7.13 only includes fixes for security issues. Drupal 7.14 also includes bugfixes. The full list of changes between the 7.12 and 7.14 releases can be found by reading the 7.14 release notes. A complete list of all bug fixes in the stable 7.x branch can be found in the git commit log.

Drupal 6.26 only includes bugfixes.

Security vulnerabilities

Drupal 7.13 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:

To fix the security problems, please upgrade to Drupal 7.13.

What is included with each release?

Release explanation

We made two versions of Drupal 7 available, so you can choose to only include security fixes (Drupal 7.13) or security fixes and bugfixes (Drupal 7.14). You can choose your preferred version. We are trying to make it easier and quicker to roll out security updates by making security-only releases available as well as ones with bugfixes included. We hope this helps you roll out the fixes as soon as possible. Read more details in the handbook.

Known issues

- #1558548: Notice: Undefined index: default_image in image_field_prepare_view() - Upgrading from Drupal 7.x to Drupal 7.14 will yield a harmless but annoying PHP notice. Patch has been committed to 7.x-dev, and will be available in 7.15. A workaround in the meantime is visiting the field settings page and saving.
- #1541792: Enable dynamic allowed list values function with additional context - This issue introduced an more context to hook_options_list(). However, because Entity API was calling this hook directly it causes errors such as Warning: Missing argument 2 for taxonomy_options_list() in taxonomy_options_list() (line 1375 of modules/taxonomy/taxonomy.module).. Fixed in Entity API module at #1556192: Incorrect invocation of hook_options_list().
- #1171866: Enforced fetching of fields/columns in lowercase breaks third-party integration - This issue accidentally introduced an API change that affected both Migrate and Backup and Migrate modules. Solution for Migrate is to rename tables in scripts back to their proper names. Solution for Backup and Migrate is at #1576812: Could not complete the backup.
- #811542: Regression: Required radios throw illegal choice error when none selected
- #1571104: Can't access non-node entities with EntityFieldQuery