This is a patch (bugfix) release of Drupal 9 and is ready for use on production sites. Learn more about Drupal 9.
Drupal 9.2.x will receive security coverage until June 2022 when Drupal 9.4.0 is released.
If you are upgrading from Drupal 8, read upgrading a Drupal 8 site to Drupal 9, 9.0.0 release notes, and the 9.2.0 release notes before upgrading to this release.
Important update information
Composer is a development dependency and tool used by Drupal. Today the Composer project released a security advisory.
This Drupal release updates Composer to the latest version as a security hardening. The locked version of the composer/composer package has been updated from 2.1.12 to 2.2.12.
No other changes are included.
It is also recommended that site owners update the version of Composer they use on the command line. To see which version of Composer is in use, run:
composer --version
To update Composer 1:
composer self-update 1.10.26
To update Composer 2.0 through 2.2:
composer self-update 2.2.12
To update Composer 2.3:
composer self-update 2.3.5