Install
To start a new Drupal project with version 9.4.7:To update your site and all dependencies to the latest version of Drupal:
To update your site to this specific release:
Using Composer to manage Drupal site dependencies
Downloads
Release notes
This is a security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:
No other fixes are included.
Which release do I choose? Security coverage information
- Drupal 9.4.x will receive security coverage until June 2023 when Drupal 10.1.0 is released.
- Sites on 9.3.x or earlier should update immediately to Drupal 9.3.22 instead of this release (but update to 9.4 or higher soon).
- Versions of Drupal 9 prior to 9.3.x are end-of-life and do not receive security coverage.
- Versions of Drupal 8 are end-of-life and do not receive security coverage.
Important update information
-
Drupal 9.4 core now requires
twig/twig
2.15.3 or higher (up from 2.15.0). -
This release includes a change to
default.services.yml
. It adds atwig.config.allowed_file_extensions
configuration setting to restrict file types that may be loaded with Twig for security. Site owners should make a copy of theirdefault.services.yml
prior to updating to ensure any custom modifications are retained.Following this release, by default, Twig may load the following file types:
.css
.html
.js
.svg
.twig
If your site, module, or theme must load additional file types via Twig, consult the documentation for
twig.config.allowed_file_extensions
indefault.services.yml
.