Drupal Release: 7.72

TL;DR

Drupal 7.72 is a security release that addresses critical vulnerabilities identified as SA-CORE-2020-004. This update is essential for all Drupal 7 site owners to protect their websites from potential security exploits. The release focuses exclusively on security patches with no new features or performance improvements.

Highlight of the Release

• Critical security update addressing vulnerabilities identified as SA-CORE-2020-004
• Collaborative security fix developed by multiple core contributors
• Maintains compatibility with existing Drupal 7 sites

Migration Guide

No migration steps are required for this security update. Simply update your Drupal 7 installation to version 7.72 following the standard update procedure:

1. Back up your database and site files
2. Put your site into maintenance mode
3. Update your Drupal core codebase
4. Run the update script by navigating to /update.php in your browser
5. Take your site out of maintenance mode

If you're using Drush, you can update with:

drush up drupal

Upgrade Recommendations

Immediate Update Strongly Recommended

All Drupal 7 site owners should update to Drupal 7.72 immediately. This is a critical security release that addresses vulnerabilities that could potentially be exploited by malicious actors.

If you cannot update immediately, consider temporarily taking your site offline until you can apply the update.

For sites on Drupal 7, this update is straightforward and should not cause any compatibility issues with existing functionality or contributed modules.

Bug Fixes

This release primarily addresses security vulnerabilities rather than functional bugs. The specific details of the security fixes are contained in the SA-CORE-2020-004 security advisory.

New Features

No new features were introduced in this release. Drupal 7.72 is strictly a security update focused on addressing critical vulnerabilities.

Security Updates

Drupal 7.72 addresses critical security vulnerabilities detailed in the SA-CORE-2020-004 security advisory. The fix was developed collaboratively by multiple core contributors including samuel.mortenson, DorTumarkin, greggles, xjm, larowlan, webchick, pwolanin, dawehner, mcdruid, alexpott, and dsnopek.

For security reasons, specific details about the vulnerabilities are not disclosed in the release notes to prevent exploitation on unpatched sites. Site administrators should refer to the official Drupal Security Advisory for complete information about the nature of the vulnerabilities after updating their sites.

Performance Improvements

No specific performance improvements were included in this release. The update focuses exclusively on security fixes.

Impact Summary

Drupal 7.72 is a security-focused release that addresses critical vulnerabilities identified in the SA-CORE-2020-004 security advisory. While the release doesn't introduce new features or functionality changes, it significantly improves the security posture of Drupal 7 websites.

The security fixes were developed through collaboration among multiple core contributors, demonstrating the Drupal community's commitment to maintaining security for sites still running on Drupal 7, even as the platform approaches its end-of-life.

Site administrators should prioritize this update to protect their websites from potential security exploits. The update process is straightforward and should not impact existing site functionality.