Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The sixth maintenance release of the Drupal 7 series. Only bugfixes have been committed. No security fixes are included in this release. New features are only being added to the forthcoming Drupal 8.0 release.
This release includes the security fixes from Drupal 7.5 which was released alongside Drupal 7.6. No additional security fixes are included.
Major changes committed since Drupal 7.4 are as follows:
Changes since Drupal 7.4
#1000736 by fangel, stBorchert, adorsk: Fixed Term reference autocomplete widget having problems handling terms with commas.
#1218954 by Mark Theunissen: Fixed Path aliases broken after upgrade.
#634616 follow-up by sun: Documentation and bug fix for 'prevent' AJAX property.
#1164852 follow-up by plach: Fix node module update which was hard-coding translatable to TRUE.
#1206200 follow-up by chx: Commit missing hunk from 7.x version.
#1164852 by plach: Default the 'translatable' bit on fields to FALSE for fields created in the UI, to match those created by the API.
The fifth maintenance and security release of the Drupal 7 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 8.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The fourth maintenance release of the Drupal 7 series. Only bugfixes have been committed. No security fixes are included in this release. New features are only being added to the forthcoming Drupal 8.0 release.
This release includes the security fixes from Drupal 7.3 which was released alongside Drupal 7.4. No additional security fixes are included.
Major changes committed since Drupal 7.2 are as follows:
Changes since Drupal 7.2
Critical bug Roll-back of Issue #534594 by beejeebus, catch: This causes fatal errors from class loaders in certain modules (CTools, etc.)
Critical bug #1007830 by drunken monkey, Damien Tournoud, bfroehle: Fixed Nested transactions throw exceptions on ddl changes.
Critical bug #761648 follow-up by lyricnz: Fixed Menu D6->D7 upgrade doesn't maintain node-menu configuration.
Critical bug #1014262 by Eric_A, asimmonds: Fixed user_update_7011() completely broken (User email template tokens not upgraded).
Critical bug #1089472 by janusman, David_Rothstein: batch API finishes when >99.5% of items have been processed.
The third maintenance and security release of the Drupal 7 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 8.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twentysecond maintenance release of the Drupal 6 series. Only bugfixes have been committed. No security fixes are included in this release. New features are only being added to the forthcoming Drupal 8.0 release.
This release includes the security fixes from Drupal 6.21 which was released alongside Drupal 6.22. No additional security fixes are included.
The complete list of changes committed since Drupal 6.20 are as follows:
#113611 by crischan, jjrey, JuliaKM, salvis, Offlein: Forum post counts incorrect when using node access control modules
#321063 by eMPee584, Kars-T, pillarsdotnet: Path book/export/html/N with a non-book nid should abort and return 404 not found.
#235673 by yched, Damien Tournoud, swentel, pwolanin, redndahead, sun, carlos8f, c960657: Changes to block caching mode not caught
#384794 by trond, mvc, alduya, intuited, jaydublu, jhedstrom: trim() .po file comments on import, so that custom textgroup imports will find their right database equivalent
#163445 by webengr, mlsamuelson, greg.1.anderson, pescetti: fix issues with IE not being able to download private files served over SSL with additional headers
The second maintenance release of the Drupal 7 series. Only bugfixes have been committed. No security fixes are included in this release. New features are only being added to the forthcoming Drupal 8.0 release.
This release includes the security fixes from Drupal 7.1 which was released alongside Drupal 7.2. No additional security fixes are included.
The first maintenance and security release of the Drupal 7 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 8.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twentyfirst maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 8.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twentieth maintenance release of the Drupal 6 series. Only bugfixes have been committed. No security fixes are included in this release. New features are now only being added to the Drupal 8.0 development version.
The complete list of changes committed since Drupal 6.19 are as follows:
#494462 by z.stolar: modify robots.txt to give search engine crawlers permission to index content in /sites/*, such as images uploaded to the site
#481142 by JohnAlbin, sociotech: theme settings forms were not inherited by sub-themes
#764548 by Dave Reid, sun: backport hiding of hidden modules on the modules page, so if projects include hidden modules for testing, those will not confuse users
#687674 by jefnguo, rdrh555: fix minor code documentation typo in menu.inc
#881540 by bjaspan: make syslog identity configurable on the user interface (instead of hardwired to 'drupal')
#280930 by pillarsdotnet, oadaeh, David_Rothstein: fall back on an empty array if hook_schema is not defined for a module
#956320: clean up documentation for menu_set_active_trail
The twenty-third maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The nineteenth maintenance release of the Drupal 6 series. Only bugfixes have been committed. No security fixes are included in this release. New features are only being added to the forthcoming Drupal 7.0 release.
This release includes the security fixes from Drupal 6.18 which was released alongside Drupal 6.19. No additional security fixes are included.
The complete list of changes committed since Drupal 6.17 are as follows:
#521370 by Damien Tournoud, marcingy, andypost: watchdog hook invocations should be ordered by weight, not name
#828706 by oadaeh: use module_load_install() instead of module_load_include() in drupal_get_schema_unprocessed()
#341136 by bwynants, jvandervort: taxonomy selection too dependent on node preview being present
#826864 by mr.baileys: improve documentation for decode_entities()
#360605 followup by Berdir, gpk: improve PHP 5.3 compatibility for misconfigured hosts even
#824102 by cwgordon7: provide access callback for contrib token implementations too
The eighteenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The seventeenth maintenance release of the Drupal 6 series. Only bugfixes and minor improvements have been committed. New features are only being added to the forthcoming Drupal 7.0 release. This release does not fix any security issues.
The following patches have been committed since the 6.16 release:
The twenty-second maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The sixteenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.15 release:
#673974 by sun: PHP notice when mass-unpublishing or deleting comments, and wrong form validation redirect
#424372 by mr.baileys, bombatower, Arancaytar: :: in .info files caused fatal error, use list of constants for lookup instead
#370958 by Rob Loach, drewish, c960657, neilnz: some Adobe Flash MIME types were missing from our MIME listing
#284392 follow up by benoitg, brianV, mathieu, evoltech, tyr, Steven Jones, agentrickard, bl444137: better fix for issues around SQL rewrites adding DISTINCT
The fifteenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twenty-first maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twentieth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 5.19 release:
Backport of #227228 by andypost, et al. Per-table cache_flush variables to avoid not flushing all but the first table when multiple tables are cleared.
#141965 by jeffschuler: taxonomy_term_path() and its phpdoc block was separated by one blank line, thus disconnecting it for the API docs parser.
#472160 by chx and Heine. Deny D6-style access elements.
#109513 backport by Freso. Create temporary mysql tables in memory.
#292565 second follow up by John Morahan: fix login destination again on 403/404 pages and make the search form work there if displayed
The fourteenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.13 release:
#482646 follow up by Dave Reid: only check the db prefix for simpletest if it was a string (not running a multisite)
#284392 by Passionate_Lass, Anselm Heaton, tassoman, agentrickard: DISTINCT handling in db_distinct_field()'s MySQL implementations was resulting in bogus queries
#310139 by fonant, c960657, pwolanin: drupal_urlencode() and Drupal.encodeURIComponent was used to encode query strings and other components it should not have been used for
#499254 by chx: Drupal lacked support for positive integer values in database queries, beyond PHP_INT_MAX; caused issues with twitter integration and big numbers in general
The nineteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The thirteenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.12 release:
- Patch #463450 by wulff: fixed documentation glitch.
#193577 by Rob Loach, Damien Tournoud, andypost: JavaScript string split() function does not behave like PHP explode(); causes problems with multiple node body break tags
#454992 by sun, bengtan: _drupal_flush_css_js() should not have 'q' as a possible CSS query character, since that is the Drupal path name character too
#452704 by andypost, catch: Names of compressed CSS and JS files should have a prefix, so that names starting in ad* will not happen. Those are easily blocked by firewalls, Firefox's Adblock, etc.
The eighteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The twelfth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The eleventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.10 release:
#376408 follow up by pwolanin: search_nodeapi() lacked break in switch; resulted in issue in logic not code flow
#197864 by vito_swat, alpritt, Murz, catch: Use hook_term_path() in forum module instead of hook_link_alter(); simplfies code, improves performance and compatibility.
#314314 by bastos, Dave Reid, mr.baileys, Pasqualle: fix invalid XHTML markup in update.php output
#372914 by chx, pwolanin, webchick: Menu link title localization was broken when a non-t callback was used
#395086 by Freso: call trim() before truncate_utf8() in comment module for better quality truncation.
The seventeenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The sixteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The tenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.9 release:
- Patch #298722 by pwolanin: _menu_translate returns FALSE before to_arg is available. Drupal.org upgrade blocker.
#310863 by bangpound, dboulet, catch, lee20: Locale variable results in locale module install, so skip adding empty variable when not needed.
#275796 by Gribnif, Damien Tournoud, Dave Reid, vaish: module_list() should set its static variable to NULL instead of unset()-ing it, so it does not retain its value
#328110 by marcingy, swentel, Damien Tournoud, pwolanin, David_Rothstein: the link argument is passed by reference to menu_link_save(), so avoid overwriting local variables in menu_enable().
The ninth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.8 release:
- Patch #331708 by chx: poll_choice_js uses FAPI2.
- Patch #350708 by dww: t() documentation clean-up.
#245990 by Dave Reid, chx, dww: Look for the www.example.com page when a HTTP request seems to fail. Looking for the local page caused problems for people with interactive authentication, redirects, hosting added JavaScript code, and so on.
- Patch #262920 by ainigma32: language selection for domain should look at HTTP_HOST not SERVER_NAME.
- Patch #353886 by killes: too many arguments to SQL query in locale import.
The fifteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The eight maintenance release of the Drupal 6 series. Only fixes for bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
The following bug has been fixed since the 6.7 release:
The fourteenth maintenance release of the Drupal 5 series. Only fixes for bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
The following bug has been fixed since the 5.13 release:
The thirteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The seventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
The sixth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement: