c14b6d3f02
This release fixes security vulnerabilities and also changes APIs. Sites are urged to upgrade immediately after reading the security announcement: * SA-2008-026 - Drupal core - Drupal core - Access bypass In addition to this security vulnerability, the following bugs have been fixed since the 6.0 release: * #228120 by jvandyk: typo in documentation in comment.tpl.php * #226480 by gpk: fix wording on when node access rebuild button is displayed in node_configure() * #229817 by mcarrera: l() attributes were not properly specified in theme.inc's theme_username() * #234403 by alienbrain: PHP.net documents we should use CRLF in mail headers, so do that * #226555 by jvandyk, Rok Zlender: fix notice level error in xmlrpc.inc * #204415 by chx: actually use 'administer content types' permission for node type editing instead of 'administer nodes' * #234699 by hass: theme_link() did not mark frontpage links active properly * #237717 by hass: missing t() in system_clear_cache_submit() * #232037 by pwolanin: (performance) block regions should only be populated when called for, not in all cases (fixes performance expectation on 403/404 pages) * #226728 by chx: (performance) temporary cache table entries were not flushed, causing cache_menu and cache_form to grow big * #231587 by pwolanin, killes: (performance) use two level cache in menus, instead of storing very large amounts of data multiple times * #239196 by jvandyk and myself: missing status check on nodes in search indexing counter * rolling back #234403 by Bevan and damz: we should keep using LF in mail headers, without CR, CRLF causes problems * #238564 by scor: two missing t() calls in update.module * #241629 by solotandem: dblog module left one more row in, when cleaning up in cron * #244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed |
||
|---|---|---|
| .. | ||
| files | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| options.mk | ||
| PLIST | ||