Download Size md5 hash
drupal-7.16.tar.gz 3 MB 352497b2df94b5308e31cb8da020b631 3.42 MB 5582dd6dc1d0abeca1904bc453fbc25c
Last updated: October 17, 2012 - 21:16

Release notes

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, robots.txt or settings.php files in this release, so upgrading custom versions of those files is not necessary.

Update notes:

As a consequence of the security fixes in this release, sites using the OpenID module will reject login attempts from OpenID servers which return an XRDS file with a declared DOCTYPE (due to the possibility of malicious DOCTYPE declarations).

A DOCTYPE declaration is not part of the OpenID specification, so this is not expected to cause any problems for valid OpenID servers. However, sites using unusual or custom OpenID servers may wish to test OpenID logins before deploying this release.

View change notices for this release
Official release from tag: