Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By Gábor Hojtsy on
Drupal 6.18 and 5.23, maintenance releases which fix security vulnerabilities are now available for download.
Drupal 6.19 also fixes other small issues reported through the bug tracking system.
Upgrading your existing Drupal 5 and 6 sites is strongly recommended. There are no new features in these releases. For more information about the Drupal 6.x release series, consult the Drupal 6.0 release announcement, more information on the 5.x releases can be found in the Drupal 5.0 release announcement. Drupal 5 will no longer be maintained when Drupal 7 is released. Upgrading to Drupal 6 is recommended.
Security information
We have a security announcement mailing list, a history of all security advisories, and an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 6 also includes the built-in Update status module, which informs you about important updates to your modules and themes.
Bug reports
Both Drupal 5.x and 6.x branches are being maintained, so given enough bug fixes (not just bug reports) more maintenance releases will be made available.
Changelog
Drupal 6.18 only includes fixes for security issues. Drupal 6.19 also includes bugfixes. The full list of changes between the 6.17 and 6.19 releases can be found by reading the 6.19 release notes. A complete list of all bug fixes in the stable DRUPAL-6 branch can be found at http://drupal.org/project/cvs/3060/?branch=DRUPAL-6.
The full list of changes between the 5.22 and 5.23 releases can be found by reading the 5.23 release notes. A complete list of all bug fixes in the stable DRUPAL-5 branch can be found at http://drupal.org/project/cvs/3060/?branch=DRUPAL-5.
Security vulnerabilities
Drupal 5.23, 6.18 and 6.19 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:
To fix the security problem, please upgrade Drupal. We made two versions of Drupal 6 available, so you can choose to only include security fixes (Drupal 6.18) or security fixes and bugfixes (Drupal 6.19). You can choose your preferred version. We are trying to make it easier and quicker to roll out security updates by making security-only releases available as well as ones with bugfixes included. We hope this helps you roll out the fixes as soon as possible.
Update notes
These releases did not change the .htaccess, (default.)settings.php and robots.txt files, so you can keep your existing files intact, if you have modifications in them.
