The Drupal project has released version 4.6.3 of its open-source content management platform. Drupal 4.6.3 is a maintenance release that fixes problems reported using the bug tracking system. Drupal 4.6.3 also fixes a new security vulnerability in the third-party XML-RPC library that Drupal ships with. Since the same bug is also present in the Drupal 4.5 series, Drupal 4.5.5 is released as well. If you cannot upgrade at once, we strongly suggest that you remove the xmlrpc.php file from your Drupal installation's root directory. The xmlrpc.php file is used only for Drupal to receive XML-RPC calls.
Upgrading your existing Drupal sites is strongly recommended; otherwise your site may get hacked into by malicious persons.
There are no new features in these installments. For more information about the Drupal 4.6.x release series, please consult the Drupal 4.6.0 release announcement.