Project Release Information
Resolves a vulnerability that allows blocked users to appear in user search results, even when the search results are viewed by unprivileged users. An arbitrary PHP code execution vulnerability was also fixed in the file upload module.
Resolves security issues with an access bypass in the user and upload modules as well as arbitrary PHP code execution in the file upload module.
Reverses a patch for validating email addresses with a trailing period, fixes a theme error when using drush, and fixes a locale module upgrade error.
This release fixes a wide variety of miscellaneous bugs.
This release fixes an XSRF vulnerability in the Aggregator module and verification of signed attributes in SREG and AX for OpenID.
Drupal is a modular content management system, forum, blogging and community engine. It is database driven and can be used with MySQL, MariaDB, PostgreSQL, and SQLite. Its features include (but are not limited to) discussion forums, Web-based administration, theme support, a submission queue, content rating, content versioning, taxonomy support, user management with a fine-grained permission system based on user roles (groups), error logging, support for content syndication, locale support, and much more. It is considered to be an excellent platform for developers due to its clean code and extensibility, and it can also be used as a Web application framework.