Moodle 3.9.13 release notes
From MoodleDocs
| Important:
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date. Why not view this page on the new site and help us to migrate more content to the new site! |
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 3.9.13 release notes
Release date: 14 March 2022
Here is the full list of fixed issues in 3.9.13.
Backported bug fixes
- MDL-73915 - Bump NodeJS version, dependencies, and update JS build process, drop IE support
- MDL-73588 - Unexpected content in the CURLOPT_FILE output stream on redirects
Security fixes
- MSA-22-0005 SQL injection risk in Badges criteria code
- MSA-22-0006 Users with moodle/site:uploadusers but without moodle/user:delete could delete users
- MSA-22-0007 Possible to reach the profile field badge criteria on a course page
- MSA-22-0008 Upgrade PHPMailer to latest version (upstream)
- MSA-22-0009 Upgrade CKEditor included in h5p-editor-php-library to latest version (upstream)
