| Version | Change log |
| Drupal 11.1.3 Feb 20, 2025 |
This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcements: Drupal core - Critical - Cross-Site Scripting - SA-CORE-2025-001 Drupal core - Moderately critical - Access Bypass - SA-CORE-2025-002 Drupal core - Moderately critical - Gadget chain - SA-CORE-2025-003 No other fixes are included. Drupal 11.1.x will receive security coverage until December 2025 when Drupal 11.3.0 is released. Sites on Drupal 11.0.x should update immediately to Drupal 11.0.12. Sites on Drupal 10.4.x should update immediately to Drupal 10.4.3. Sites on Drupal 10.3.x should update immediately to Drupal 10.3.13. Drupal 10.2.x and below are end-of-life and do not receive security coverage. |
| Drupal 11.1.2 Feb 7, 2025 |
All changes in this release: Issue #3495881 by godotislate, bkosborne, catch, kushagra.goyal: Firefox retains form_build_id on form reloads, causing old form cache entry to be used and creating weird behavior for the Media Library widget Issue #3503556 by tom konda: Wrong Regular Expression for string comparison in Nightwatch.js assertion Issue #3503195 by alexpott, longwave, loopy1492: Twig needs updating for CVE-2025-24374 Issue #3486797 by alecsmrekar, shalini_jha, smustgrave, amateescu: Updating path alias language in workspace does not work Issue #3502466 by alexpott, borisson_: Fix reference to core_field_views_data() Issue #3493410 by plopesc, catch, smustgrave: Consider a more substantial shortcuts placeholder Issue #3502487 by lauriii, oily, ckrina: Make the menu link form less verbose Issue #3485174 by fago, arthur_lorenz, alexpott, smustgrave: Menu APIs provide invalid CSRF tokens Issue #3502427 by alexpott, smustgrave: Fix references to DrupalTestsKernelTestBase Issue #3501059 by claudiu.cristea: Remove claudiu.cristea from MAINTAINERS.txt Issue #3501361 by chr.fritsch: Remove chr.fritsch from MAINTAINERS.txt Issue #3501210 by dawehner: Remove dawehner from MAINTAINERS.txt Issue #3489179 by godotislate, ghost of drupal past: Referring the same entity multiple times breaks _referringItem Issue #3462700 by niklan, richardgaunt, smustgrave, pdureau: Update ComponentValidator to always include the component ID Issue #3488293 by oily, maneesha binish, plopesc, m4olivei, pameeela: Help link always appears in navigation Issue #3367556 by vensires, danchadwick, detroz, g089h515r806, groendijk: SDC components CSS & JS generated wrong url in windows / XAMPP Issue #2886800 by jonathanshaw, claudiu.cristea, quietone, hctom, geek-merlin, larowlan, sam152, joachim, smustgrave: EntityAccessControlHandler::createAccess() returns false positive cache hits because it ignores context Issue #3500774 by kul.pratap, benjifisher: Fix errors in SourcePluginBase doc block Issue |
| Drupal 11.1.0 Dec 19, 2024 |
This is a a feature minor release of Drupal 11 and is ready for use on production sites. Learn more about Drupal 11 and the Drupal core release cycle. This minor release provides improvements and new functionality. It does not break backward compatibility (BC) for public APIs. There may be changes in internal APIs and experimental modules. If so, contributed and custom modules and themes may need updating. This is according to Drupal core's backward compatibility and experimental module policies. This release may include string changes and additions. Translators can review the latest translation status on localize.drupal.org. Drupal 11.1.x will receive security support until December 2025. Drupal 11.0.x will continue to receive security support until June 2025. 11.1.0 tag has been moved: Due to a packaging issue the 11.1.0 tag has been moved and recreated. This will not affect anything unless you fetched tags between Friday December 13th 2024 and Monday December 16th 2024. Changes to site-owner-managed files A directive has been added to the default .htaccess file that attaches the correct image/webp header for webp images when the MIME Apache module is enabled. This is needed for sites hosted on Apache web servers running on operating systems that do not support the webp image MIME type. These sites should update their .htaccess files to take advantage of this improvement. The sid_length and sid_bits_per_character configuration options are no longer supported in PHP 8.4 or Symfony 7.2, so they have been removed from default.services.yml. Sites should remove these settings from any services.yml files. The "Access the Content blocks overview page" permission is no longer required to create blocks. This means that roles that have "Create new content block" permission for a given block type will be able to create these blocks when they could not in previous releases. Site owners should audit their Block Content permissions to ensure that block creat |
Total downloads
17
Last month's downloads
2
Last week's downloads
1
Microsoft .NET Core is a powerful, open-source framework designed for building modern applications that run seamlessly ... capabilities ensure that applications can be deployed on Windows, macOS, and Linux without hassle. One of the standout ... applications that are both agile and resilient. The framework also boasts a rich ecosystem of libraries and ...
... Download Club is proud to present the CoreTML Framework, an innovative software developed by the talented CoreTML ... With its user-friendly interface and robust functionality, this powerful framework is perfect for businesses and developers alike. The CoreTML Framework offers a multitude of features, including dynamic content ...
Looking for reliable and high-performance SNMP API software? Look no further than iReasoning Java SNMP API! Developed by the industry-leading tech company iReasoning Inc., ... administrator, developer, or IT professional, iReasoning Java SNMP API is the ideal software to help you manage ...
