Release info

Created by: David_Rothstein
Created on: April 16, 2014 - 22:07
Last updated: January 11, 2016 - 21:44
Core compatibility: 7.x
Release type: Security update

Release notes

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.

Known issues:

  • This release caused a JavaScript error which breaks Ajax requests in very old browsers (for example, Internet Explorer 8 and earlier); see this issue for details. The solution is to upgrade to Drupal 7.28.
  • This release caused the Multiple Forms module to stop working correctly (see issue). The solution is to upgrade to Multiple Forms 7.x-1.1 or higher.
  • See below for small API changes which may affect sites that expose Ajax or multi-step forms to anonymous users on cached pages (where the page is cached either by Drupal or by an external system). In most cases, serious regressions are not expected and the changes are not critical, but they could be required for anonymous users to be able to properly use these Ajax or multi-step forms.

Major changes since 7.26: