6.x

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-2008-068 - Localization client and Localization server - Cross site request forgery

In addition to this security vulnerability, the following changes have been made since the 6.x-1.0-alpha1 release:

• Bad 'page arguments' in l10n_groups module
• - Menu updates. Use the Drupal 6 built in ways to invoke functions from include files. No need for a custom wrapper.
  - Fixed missing access argument on export tab, which resulted in it not showing up.
  - Fixed badly updated form in export screen, now includes form_state as mandated in Drupal 6.
• - Move Tar.php check to a real hook_requirements() check as suggested in @todo.
  - Add potx version compatibility check to make sure people run with the right potx version.
• #321637 by myself: support for disabled projects; makes it possible to discontinue project translations (not looking for new releases but keeping old data) and maintaining suggested projects not yet picked up by the server but known.
• Instead of t() we should use the return value of get_t() in install functions

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-2008-068 - Localization client and Localization server - Cross site request forgery

In addition to this security vulnerability, the following changes have been made since the 6.x-1.5 release:

- #324012: added toggle for "Show All" in admin settings
- #324012, #324668: fixed issue with CCK fields not showing
- #324584: fixed incorrect assignment of default class values in the ToC

This update to Webform fixes a critical bug regarding sending e-mails (all e-mail content was blank). It also fixes a few other minor bugs and allows optgroups to be used in select lists.

New Features:
#291498: Support <optgroup> in selects

The sixth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-2008-067 - Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been fixed since the 6.5 release:

• - Patch #315656 by Damien Tournoud: fixed bug in drupal_lookup_path('wipe').
• - Patch #285165 by Heine, Gabor: fixed wildcard loader names with numbers.
• #285165 follow up by Damien Tournoud, pwolanin, chx: fixed wildcard loader problem
• - Patch #293078 by lilou: correction for user-profile.tpl.php documentation.
• - Patch #321165 by Dave Reid: fixed exceptions in XML-RPC library. Backported from CVS HEAD.
• #260372 by andershal and nedjo: All translations were removed from translation set when deleting a node and only two nodes are left.

Stable release for 6.x.