Drupal Release: 6.1

TL;DR

Drupal 6.1 is a maintenance release that addresses several minor bugs and includes an important security fix (SA-2008-18). This release focuses on fixing issues with theme CSS overrides, database escaping functions, and cleaning up code documentation. While the changes are relatively small in scope, the security fix makes this an important update for all Drupal 6.0 sites.

Highlight of the Release

• Security fix addressing SA-2008-18 vulnerability
• Fixed issue with module CSS files not being properly overridden by theme .info files
• Corrected misuse of database escaping functions
• Improved code documentation in menu.inc

Migration Guide

No specific migration steps are required for this update. As a maintenance release, Drupal 6.1 should be a straightforward upgrade from Drupal 6.0 without requiring any special migration procedures or configuration changes. Standard Drupal update procedures should be followed.

Upgrade Recommendations

Priority: High

All Drupal 6.0 sites should upgrade to Drupal 6.1 as soon as possible due to the included security fix (SA-2008-18). While the bug fixes are relatively minor, the security update makes this an important release to apply.

Follow the standard Drupal upgrade process:

1. Back up your database and site files
2. Put your site in maintenance mode
3. Replace your existing Drupal core files with the new 6.1 release
4. Run the update script (update.php)
5. Take your site out of maintenance mode

Bug Fixes

• Theme CSS Override Issue: Fixed a bug (#189568) where module CSS files were not being properly overridden by theme .info files, allowing theme developers to correctly customize the appearance of modules.

• Block Sorting Notice: Eliminated a PHP notice that appeared when sorting blocks (#212608), making the admin interface cleaner and preventing unnecessary warnings in logs.

• Database Escaping Function: Corrected improper use of db_escape_string() where db_escape_table() should have been used (#227548), preventing potential issues with database queries involving table names.

New Features

No significant new features were added in this maintenance release. Drupal 6.1 focuses on bug fixes, security improvements, and code documentation enhancements rather than introducing new functionality.

Security Updates

This release includes an important security fix referenced as SA-2008-18 (#227608). While specific details about the vulnerability are not provided in the commit messages, the inclusion of a security advisory (SA) number indicates this is an important security update that all Drupal 6.0 site administrators should apply to protect their sites.

Performance Improvements

No specific performance improvements were highlighted in this release. The changes were primarily focused on bug fixes, security improvements, and code documentation rather than performance enhancements.

Impact Summary

Drupal 6.1 is primarily a security and bug fix release that addresses several minor issues while providing an important security update. The most significant impact comes from fixing the theme CSS override functionality, which improves theme developers' ability to customize module appearances. The security fix (SA-2008-18) is crucial for maintaining site security, making this update important despite its relatively small scope. The correction of database escaping functions helps prevent potential database issues, while code documentation improvements make the codebase more maintainable for developers. Overall, this is a maintenance release that focuses on stability and security rather than new features.