Posted to Ben Finklea's blog on July 15th, 2009

Update Drupal 5 & 6 Now

Even the best of us have our weaknesses. Superman has kryptonite, Marty McFly hates being called a “chicken”, and now Drupal has detected a few vulnerabilities. What sets these examples apart? Despite the achilles heel, they do some about it. In discovering a few security vulnerabilities in versions 5 and 6, Drupal now has maintenance releases available for download, versions 5.19 and 6.13.

Upgrading your existing Drupal 5 and 6 sites to versions 5.19 and 6.13 is strongly recommended by Drupal. However, these releases only fix the problems reported for security vulnerabilities, they do not carry any new features.

For a full list of changes that were implemented in 5.19, click here.

For a full list of changes that were implemented in 6.13, click here.

You can also fix the security problem with by patching Drupal, but it is recommended that you execute the full upgrade as the patches do not contain all the additional bug fixes that were included in the new releases. Even though these vulnerabilities exist, there is a solution available through the updated versions or patch work.

Volacci.® Your Profit. Our Passion.