Drupal 6.2 fixing security issues Released

Drupal 6.2 is now available HERE Drupal 6.2 Release Note This release fixes security vulnerabilities and also changes APIs. Sites are urged to upgrade immediately after reading the security announcement: * SA-2008-026 - Drupal core - Drupal core - Access bypass In addition to this security vulnerability, the following bugs have been fixed since the 6.0 release: * #228120 by jvandyk: typo in documentation in comment.tpl.php * #226480 by gpk: fix wording on when node access rebuild button is displayed in node_configure() * #229817 by mcarrera: l() attributes were not properly specified in theme.inc's theme_username() * #234403 by alienbrain: PHP.net documents we should use CRLF in mail headers, so do that * #226555 by jvandyk, Rok Zlender: fix notice level error in xmlrpc.inc * #204415 by chx: actually use 'administer content types' permission for node type editing instead of 'administer nodes' * #234699 by hass: theme_link() did not mark frontpage links active properly * #237717 by hass: missing t() in system_clear_cache_submit() * #232037 by pwolanin: (performance) block regions should only be populated when called for, not in all cases (fixes performance expectation on 403/404 pages) * #226728 by chx: (performance) temporary cache table entries were not flushed, causing cache_menu and cache_form to grow big * #231587 by pwolanin, killes: (performance) use two level cache in menus, instead of storing very large amounts of data multiple times * #239196 by jvandyk and myself: missing status check on nodes in search indexing counter * rolling back #234403 by Bevan and damz: we should keep using LF in mail headers, without CR, CRLF causes problems * #238564 by scor: two missing t() calls in update.module * #241629 by solotandem: dblog module left one more row in, when cleaning up in cron * #244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed