As per the security announcement regarding a cross-site scripting vulnerability in the Node Reference module, we've released tag 2007-08-15s. Yes, the lowercase 's' breaks with our previous practice of using uppercase: 'S' looks too much like '5', especially since today's date is the 15th.

We've also updated the Calendar module to 1.5. Note that if you see a "user warning" error that relates to the calendar_ical table missing when running update.php, you can safely disregard that error. See the bug report on Drupal.org and the subsequent commentary for more information. Briefly, there are no longer any database tables required for the Calendar ICal module. If the tables never existed in your database, the update.php script still attempts to remove them, resulting in the error message.

This release contains database updates, so make sure to backup your database and then run the update.php script. It's all in our instructions in maintaining your version of Drupal 5 on your VPS.