Download drupal-7.27.tar.gztar.gz 3.06 MB
MD5: e9b05562f1a7f8bbcb5922cd3a0d55cb
SHA-1: efeb1a9a0e84d209b87b37b8c5583e0844b3d2f5
SHA-256: 9a04062618acdebdaf8ee1e0291c6f3d6808483b9aec9b315e4f15db080a19e2
Download drupal-7.27.zipzip 3.49 MB
MD5: 754e28e1dabc78af84b2050b1a36b7f4
SHA-1: 01a8b5225f1a62db8ce6d377b73a95e5c2e579c0
SHA-256: 720754cddb5f15932ee18e481f69a53783f047e04934827a9d913ef809c53808

Release info

Created by: David_Rothstein
Created on: 16 Apr 2014 at 22:07 UTC
Last updated: 18 Oct 2017 at 16:40 UTC
Core compatibility: 7.x
Release type: Security update

Release notes

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

No other fixes are included.

No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary.

Known issues:

  • This release caused a JavaScript error which breaks Ajax requests in very old browsers (for example, Internet Explorer 8 and earlier); see this issue for details. The solution is to upgrade to Drupal 7.28.
  • This release caused the Multiple Forms module to stop working correctly (see issue). The solution is to upgrade to Multiple Forms 7.x-1.1 or higher.
  • See below for small API changes which may affect sites that expose Ajax or multi-step forms to anonymous users on cached pages (where the page is cached either by Drupal or by an external system). In most cases, serious regressions are not expected and the changes are not critical, but they could be required for anonymous users to be able to properly use these Ajax or multi-step forms.

Major changes since 7.26:


The selected release is the release that will be used for automated testing. Optional projects are only used for testing.


No required projects


No optional projects