Drupal 5.15

The fifteenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-CORE-2009-001 Drupal core - Multiple vulnerabilities

In addition to this security vulnerability, the following bugs have been fixed since the 5.14 release:

• #348269 by Darren Oh. Add missing * in the expand_password_confirm() comment.
• #202688. Backport from 6.x.
• #103528 by gpk, hass & salvis. Provide a useful message when the color picker is disabled due to the download method.
• #350708 by dww. Backport t() documentation improvements from D6.
• #157353 by Freso and tangent. Remove a needless dash from RSS feed title.
• #323386 by mariuss: The selection type in profile module expects items each on their own line and should not break items on commas
• #252921 by k4ml. Use correct placeholder.
• #61108 by Uwe Hermann: update LICENSE.txt with latest version of GPL2 text
• - Patch #335385 by Dave Reid: fixed maxlength of path alias fields to be consistent with the database.
• #346285 by grendzy, Damien Tournoud, thekevinday et al: fixed problem when HTTP_HOST is not transmitted