Drupal 5.18
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.18.tar.gz | 748.82 KB | d88a6c737d6b8dbffabd0df40ad319af |
| drupal-5.18.zip | 851.27 KB | d146037cf7c028fe946642d0f819c297 |
Release notes
The eighteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Read moredrupal 6.12
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.12.tar.gz | 1.03 MB | 82e2517f175320cffe20997333b3a33a |
| drupal-6.12.zip | 1.21 MB | b396f2a25dc447a15bb6d9d3296ecfb9 |
Release notes
The twelfth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.11 release:
- #353328 by catch, BrianV: When a new commment is added, the redirection path should point to page, where the new comment is.
- #239945 by Xano, JeremyFrench, Damien Tournoud, andypost: Should not iterate over the children in taxonomy_get_tree() anymore if we reached max_depth.
- #292565 by grendzy, John Morahan, Jody Linn: remove path munging on 403/404 pages, which caused problems for login redirects
- #448268 by dww: Make sure that submitting the themes admin form clears out the update status cache, just like the modules admin form does.
Drupal 5.17
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.17.tar.gz | 748.57 KB | 14d5aec31f6878b959015d038280c266 |
| drupal-5.17.zip | 850.92 KB | a3421196d4de6384264f03554b4d7228 |
Release notes
The seventeenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Read moredrupal 6.11
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.11.tar.gz | 1.03 MB | 6a341807b83c4e48f50ce7921562402c |
| drupal-6.11.zip | 1.21 MB | 36b5d5788a8ea32e6a3fc018d41c415d |
Release notes
The eleventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.10 release:
- #376408 follow up by pwolanin: search_nodeapi() lacked break in switch; resulted in issue in logic not code flow
- #197864 by vito_swat, alpritt, Murz, catch: Use hook_term_path() in forum module instead of hook_link_alter(); simplfies code, improves performance and compatibility.
- #314314 by bastos, Dave Reid, mr.baileys, Pasqualle: fix invalid XHTML markup in update.php output
- #372914 by chx, pwolanin, webchick: Menu link title localization was broken when a non-t callback was used
- #395086 by Freso: call trim() before truncate_utf8() in comment module for better quality truncation.
Drupal 5.16
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.16.tar.gz | 748.29 KB | b8b603a5dbf5e7f280ed6e1521ca9bae |
| drupal-5.16.zip | 850.49 KB | b552d1a4cec2f95b1e10b792bb2e267c |
Release notes
The sixteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Read moredrupal 6.10
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.10.tar.gz | 1.03 MB | d8f222c260556b5d7c3ff41bdd251b3c |
| drupal-6.10.zip | 1.2 MB | b87597c62db72090fa655669a7b3a788 |
Release notes
The tenth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.9 release:
- - Patch #298722 by pwolanin: _menu_translate returns FALSE before to_arg is available. Drupal.org upgrade blocker.
- #310863 by bangpound, dboulet, catch, lee20: Locale variable results in locale module install, so skip adding empty variable when not needed.
- #275796 by Gribnif, Damien Tournoud, Dave Reid, vaish: module_list() should set its static variable to NULL instead of unset()-ing it, so it does not retain its value
- #328110 by marcingy, swentel, Damien Tournoud, pwolanin, David_Rothstein: the link argument is passed by reference to menu_link_save(), so avoid overwriting local variables in menu_enable().
drupal 6.9
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.9.tar.gz | 1.03 MB | 5c682a4709f4632febbe7617a784a01a |
| drupal-6.9.zip | 1.2 MB | 92314f5cbb6116247dd5f287905ac898 |
Release notes
The ninth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.8 release:
- - Patch #331708 by chx: poll_choice_js uses FAPI2.
- - Patch #350708 by dww: t() documentation clean-up.
- #245990 by Dave Reid, chx, dww: Look for the www.example.com page when a HTTP request seems to fail. Looking for the local page caused problems for people with interactive authentication, redirects, hosting added JavaScript code, and so on.
- - Patch #262920 by ainigma32: language selection for domain should look at HTTP_HOST not SERVER_NAME.
- - Patch #353886 by killes: too many arguments to SQL query in locale import.
- - Rollback of #325908.
Drupal 5.15
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.15.tar.gz | 748.05 KB | 4c3c71bcf17bdbbe8c4e8dacbb1d0072 |
| drupal-5.15.zip | 850.19 KB | 2b0bd0a5aca5712bedf91b5bb81a0a6e |
Release notes
The fifteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Read moredrupal 6.8
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.8.tar.gz | 1.02 MB | 561f281b2dbee8310293a61443bdfbc7 |
| drupal-6.8.zip | 1.2 MB | bc548c4fbcd19a402b0b22b85c8fe394 |
Release notes
The eight maintenance release of the Drupal 6 series. Only fixes for bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
The following bug has been fixed since the 6.7 release:
- Rolling back #280934. PHP 4 incompatibility.
Drupal 5.14
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.14.tar.gz | 746.8 KB | 281c9ef75f757ab660d5e190b4a6c6c5 |
| drupal-5.14.zip | 848.8 KB | 2e8b85a1bdab8d0b1dca558b24fd11c8 |
Release notes
The fourteenth maintenance release of the Drupal 5 series. Only fixes for bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
The following bug has been fixed since the 5.13 release:
- Rolling back #280934. PHP 4 incompatibility.
Drupal 5.13
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.13.tar.gz | 746.81 KB | ceb0122cb27fd503fd24d1bacd967c2a |
| drupal-5.13.zip | 848.85 KB | c04e5467822986fd8976cca598dda5b9 |
Release notes
The thirteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Read moredrupal 6.7
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.7.tar.gz | 1.02 MB | c9e8e5a9892538d355c62bd17b95b3a9 |
| drupal-6.7.zip | 1.2 MB | 6263e37876670c5631701c42aad90ea7 |
Release notes
The seventh maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.6 release:
- - Patch #324118 by winterheart: fixed invalid XHTML being generated for forum topic listings.
- - Patch #329019 by dww, sun: fixed PHP warning.
- #315739 by sun: The theme name is in arg(4) on the block admin page, so only redirect to theme specific page if that is set.
- - Patch #329646 by Damien Tournoud: properly reset user_access().
- - Patch #255293 by Gribnif, maartenvg: incorrect regex causes some aggregated CSS to fail.
- #329998 by pwolanin: escape markup looking non-HTML tags in schema descriptions
drupal 6.6
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.6.tar.gz | 1.02 MB | caaa55d1990b34dee48f5047ce98e2bb |
| drupal-6.6.zip | 1.2 MB | 28f2fbb871aa1e023c4377ba6ee8fbb1 |
Release notes
The sixth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.5 release:
- - Patch #315656 by Damien Tournoud: fixed bug in drupal_lookup_path('wipe').
- - Patch #285165 by Heine, Gabor: fixed wildcard loader names with numbers.
- #285165 follow up by Damien Tournoud, pwolanin, chx: fixed wildcard loader problem
- - Patch #293078 by lilou: correction for user-profile.tpl.php documentation.
- - Patch #321165 by Dave Reid: fixed exceptions in XML-RPC library. Backported from CVS HEAD.
- #260372 by andershal and nedjo: All translations were removed from translation set when deleting a node and only two nodes are left.
Drupal 5.12
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.12.tar.gz | 746.41 KB | c07181e42894dc14438598f7772df434 |
| drupal-5.12.zip | 848.13 KB | 37a6c3bb2a703e21833f1f7f0785bdfb |
Release notes
The twelfth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
drupal 6.5
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.5.tar.gz | 1.02 MB | a88c561f0e61168b6ac710de55b6f91f |
| drupal-6.5.zip | 1.2 MB | 6640c92ae16ab0b0e9010e33c183478e |
Release notes
The fifth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.4 release:
- - Patch #246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
- - Patch #221230 by Heine: convert requirement error on update to requirement warning.
- - Patch #252430 by quicksketch: allow base theme prefix in preprocessor function names to correct expected behavior.
- - Patch #245322 by mfb: fixed breadcrumb behavior.
- - Patch #287949 by Freso, Damien Tournoud: keep language icons in consistent order across nodes.
- - Patch #265899 by mfb: uri_brief mail token did not support https URLs.
Drupal 5.11
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.11.tar.gz | 746.37 KB | de0936e4a991d1945129a56afcb6ef59 |
| drupal-5.11.zip | 848.07 KB | c3bf517e3f5d57638d54183692e2af1b |
Release notes
The eleventh maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed in the 5.11 release:
- - Patch #265899 by mfb: uri_brief mail token did not support https URLs.
- - Patch #170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by non-SSL cookie.
- #296096 by Damien Tournoud. Fix 5.10 Postgres install & update.
- - Patch #246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
- #181831 by Rob Loach. Backport of #130630 by chx: provide an id on the form item wrapper div.
- #283026 by Damien Tournoud. Make user_authenticate from external source (for existing users) work with no server part.
- #298535 by mkalkbrenner. Correct HTTP status code for failed connection.
- #108717 by add1sun and neclimdul. Code style.
- - Patch #230932 by ryanlath: file_scan_directory() didn't scan the directory called '0'. Backport by cridenour.
- follow up to #280621 by lilou: the object tag was disallowed in a previous version in filter_xss_admin(), so disallow param as well, which is only meaningful inside an object tag
- #208270 reported by Dries, patch by jvandyk: it was not possible to clear the XML-RPC error cache, making it impossible to do multiple queries in one request. Add xmlrpc_clear_error() and slightly modify xmlrpc_error() to fix.
- - Patch #308549 by lyrincz, Dave Reid: fixed broken link in PHPdoc.
- #67895 patch by goba, tested by JirkaRybka and blackdog: move poll votes with poll options, when an option is removed, instead of dropping all old votes, solving an old data loss bug. Backport by dww.
- #312730 by Damien Tournoud. hook_requirements('install') should work for modules that don't reside in the main './modules' folder.
Drupal 6.4
| Download | Size | md5 hash |
|---|---|---|
| drupal-6.4.tar.gz | 1.02 MB | 497b537285ad5847c1d3cb2f98ccf88c |
| drupal-6.4.zip | 1.19 MB | 29c29d2a7725d439e58633217601da91 |
Release notes
The fourth maintenance and security release of the Drupal 6 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed since the 6.3 release:
- #225880 follow up by webchick: improve error message when writable settings.php is not present
- - Patch #275801 by Damien Tournoud and Gribnif: fixed performance issue due to typo.
- - Patch #281943 by webchick, Arancaytar, dropcube et al: order install profiles alphabetically.
- - Patch #285467 by mustafau: fixed typo a MT blog API function.
- - Patch #238600 by scor: removed two unused links from context-sentive help.
- - Patch #268491 by mustafu, pwolanin, et al: fixed notice after deleting aggregator feed.
- - Patch #293434 by eMPee584 and Damien: fixed broken watchdog call.
- - Patch #254725 by Steve Dondley and BioALIEN: maxlength field for 'allowed HTML tags' is too short
- - Patch #290918 by pwolanin: don't unset project info during processing.
- - Patch #165642 by Damien Tournoud: error in SQL syntax in user.module.
- - Patch #246522 by mustafu, Dries: fixed typo in documentation.
- - Patch #283806 by mustafau, Aron Noval: improved error handling in drupal_http_request().
- - Patch #290869 by Wim Leers: AHAH functionality was not working for radio buttons.
- - Patch #293421 by Bart Jansens: fixed documentation of sess_count().
- - Patch #290869 by swenterl, cwgordon07: fixed notice in #ahah handling.
- - Patch #293343 by Bart Jansens: removed obsolete table name from documentation. Candidate for Most Trivial Patch of the Month Award.
- - Patch #293504 by Damien Tournoud: fixed search on PostgreSQL - argument of AND must be type boolean, not type integer.
- - Patch #283806 by mustafau: fixed bug in drupal_http_request()
Drupal 5.10
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.10.tar.gz | 744.63 KB | 819a914e97de48d2b2a8ab6955d01215 |
| drupal-5.10.zip | 846.06 KB | 4470f042157b8af25a056e457f5f477b |
Release notes
The tenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed in the 5.10 release:
- #117748 by webchick, Pancho, Rob Loach, pwolanin: required field values were not properly trim()ed on validation
- #207991 by Rok Zlender: xmlrpc_date did not parse dates well. Backport by clemens.tolboom.
- Patch #254725 by Steve Dondley and BioALIEN: maxlength field for 'allowed HTML tags' is too short. Backport by scor.
- - Patch #285467 by mustafau: fixed typo a MT blog API function.
- #272636 by evolvingweb, dvessel: add 'js' class to html tag in drupal.js instead of overwriting all its classes with 'js'. Backport by sun.
- #292538 by Damien Tournoud and hanoii. Fix $sidebar_indicator behavior.
Drupal 5.9
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.9.tar.gz | 738.79 KB | 2937fd1503ee3d22d232e259d839e314 |
| drupal-5.9.zip | 839.53 KB | f175c3b1b6a2d064716e4089ec5f8b06 |
Release notes
The ninth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed in the 5.9 release:
- #281042 by schuyler1d. Render blocks before CSS and JS header generation.
- #232433 by Damien Tournoud. Use non-localized date for RSS.
- #281494 by beeradb. Code style.
- #252580 by Robert Douglass, Gerhard Killesreiter, flobruit: avoid division by zero, when all search weights are set to 0.
- #252921 by David_Rothstein and agentrickard: remove unused join, which caused column type compatibility problems with postgresql; improves postgresql compatibility.
- #128846 by takashi, chx, bdragon, wedge, salvis, Shiny: rewritten queries on PostreSQL need to have matching DISTINCT ON and ORDER BY expressions
- #280934. Make sure session is always regenerated.
Drupal 5.8
| Download | Size | md5 hash |
|---|---|---|
| drupal-5.8.tar.gz | 738.58 KB | 2a570ce3cb6a104c2cc540a02a3cb11d |
| drupal-5.8.zip | 839.3 KB | 649825d1ea25138f91fe89e6d74e05cc |
Release notes
The eighth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities and also changes APIs. Sites are urged to upgrade immediately after reading the security announcement:
In addition to this security vulnerability, the following bugs have been fixed in the 5.8 release:
- #215252 by bdragon: reset the cache flush variable before the cache is flushed, so busy sites will not attempt multiple cache flushes at a time
- #165642 by Bart Jansens. Use a local variable rather than overwriting the global $user.
- Remove typo.
- #157652 by beginner, Steven Merrill and killes: block_user() had a global user object and a user parameter colliding
- #216404 by Rob Loach: path_nodeapi() only worked for users with permissions, although node loading requires the path to be loaded.
- #101904 by David_Rothstein. Make secondary links work for primary links with '' path.
- #84754: fix 404 and 403 error pages if the path set for these error pages does not exist
- #176503 by chx and bennybobw: hidden profile fields cannot be required and cannot be put on the registration form, so we needed warnings on the editing form to not let admins save forms set with these combinations.
Backport by Bart Jansens. - #104220 by ChrisKennedy: remove arbitrary half post max size restriction on maximum uploadable file size.
Backport by Bart Jansens. - #209488 by Bart Jansens. Use mysqli_connect_error() when mysqli database connection fails.
- #211825 by webchick. Fix revision revert log message.
- #213172 by skiquel: let color module run properly without a base image
- #212864 suggestion by pp, patch by gdevlugt: use format_date() for RSS item dates instead of date() to honor site time zone settings
- #171951 by dvessel: fix account specific theme selection form
Backport in #109459. - #208023 by traxer. Order node/add by name, not internal type.
- #204415 by pwolanin et al. Blacklist problematic machine-readable content type names.
- #75916 follow up patch by Richard Eriksson: allow aggregator pages to be indexed by default
- #113318 by dww: correct Postgres support.
- #176273 by Bart Jansens. Fix argument order.
- #227548 by Heine, AjK: misuse of db_escape_string(), when db_escape_table() should have been used
- #244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed
- #232037 by pwolanin: (performance) block regions should only be populated when called for, not in all cases (fixes performance expectation on 403/404 pages)
- #226869 by boydj and hswong3i: minor code style cleanup with aggregator module queries
- #175743 by Desbeers: fix numerous issues around node submission dates and content editing.
5.x backport by Freso. - - Patch #231132 by snufkin: fixed invalid XML-RPC error messages due to HTML tags being inserted in the message string.
- #208888 by jvandyk: set access time when externally authenticated user first logs in
Backport by joshk and stevecrozz. - #246476 by Jacine. Correct block admin column count.
- #104662 by chx: the search block form might not be available on the search page itself, so that target was not right for search block form submissions. Backport by webchick.
- - Patch #258128 by webchick: @parameter should be @param. Gets the Most Trivial Patch of the Month Award.
Backport by gpk. - #140162 by maartenvg. Clear the PHP stat cache after resizing images.
- #214390 by shrop. Partial backport of #153998, use a separate permission for blogapi since it does not depend on blog module.
- #264647 by clemens.tolboom. Fix seconds parsing for XML-RPC dates.
- #155337 by gpk and Bevan: only treat newlines teaser breakers, if the newline filter is present in the particular input format
- - Patch #169899 by Island Usurper: taxonomy caching not always working.
- #171461 by chx, ejhildreth and dvessel: empty tbody fails validation. Backport by m1mic.
- #193891 by mvc: fix NOTICE in database.mysqli.inc because of possibly missing port number
- - Patch #273761 by catch: removed inconsistent delete behavior of nodes. It would leave comments, ratings, etc behind in the database.
- #159538 by Wesley Tanaka. 404 instead of showing recent blog posts for invalid paths.
- - Patch #180646 by John Morahan: SQL in taxonomy_get_term_by_name() should use = instead of LIKE.
- #276615 by JacobSingh. Clear page cache when CSS cache is cleared?
