Drupal Release: 5.7

TL;DR

Drupal 5.7 is a maintenance release that addresses several important issues including PHP 5.2 compatibility, improved form handling, and better server configuration documentation. This update focuses on stability and security rather than new features, making it an important upgrade for all Drupal 5.x sites.

Highlight of the Release

• Added support for PHP 5.2's 'recoverable fatal errors'
• Fixed Form API implementation issues
• Improved documentation for RewriteBase configuration in VirtualDocumentRoot environments
• Enhanced register globals value checking for better security

Migration Guide

No specific migration steps are required for this maintenance release. Standard update procedures apply:

1. Back up your database and site files
2. Put your site into maintenance mode
3. Replace your existing Drupal files with the new 5.7 release files (keeping your customized files)
4. Run the update script by visiting update.php in your browser
5. Take your site out of maintenance mode

As always, test the update on a staging environment before applying to your production site.

Upgrade Recommendations

This release contains important bug fixes and security enhancements. All sites running Drupal 5.x should upgrade to version 5.7 as soon as possible to ensure compatibility with PHP 5.2 environments and to benefit from the security improvements.

The update is particularly important for:

• Sites running on PHP 5.2
• Sites using VirtualDocumentRoot configurations
• Sites concerned about register_globals security implications

Given the focused nature of the changes, the upgrade risk is minimal, but standard backup procedures should still be followed.

Bug Fixes

• Fixed bad backport of issue #194579 related to Form API implementation
• Improved register globals value checking for more accurate detection of this security setting
• Addressed issues with PHP 5.2 compatibility by adding support for 'recoverable fatal errors'

New Features

No significant new features were added in this maintenance release. Drupal 5.7 focuses on bug fixes, compatibility improvements, and security enhancements to the existing functionality.

Security Updates

Security Enhancements

• Improved register globals value checking for more accurate detection of this PHP setting, which helps prevent potential security vulnerabilities when register_globals is enabled
• Better handling of PHP errors, including support for PHP 5.2's 'recoverable fatal errors', which helps prevent potential security issues related to unexpected script termination

Performance Improvements

No specific performance improvements were highlighted in this release. The focus was primarily on bug fixes, compatibility with PHP 5.2, and security enhancements.

Impact Summary

Drupal 5.7 is a targeted maintenance release that improves compatibility with PHP 5.2, enhances security through better register_globals detection, and fixes Form API implementation issues. While not introducing new features, it strengthens the stability and security of Drupal 5.x installations.

The most significant impact is for sites running on newer PHP environments, particularly PHP 5.2, as the added support for 'recoverable fatal errors' prevents potential site crashes. Additionally, server administrators using VirtualDocumentRoot configurations will benefit from improved documentation on proper RewriteBase settings.

Security is enhanced through more accurate register_globals value checking, which helps identify potentially vulnerable server configurations. The Form API fixes ensure more reliable form handling throughout the system.

Overall, this release represents an important maintenance update that all Drupal 5.x sites should apply to maintain compatibility and security.