Moodle 2.0.6 release notes: Difference between revisions
From MoodleDocs
(Adding release information) |
(Adding security issues) |
||
Line 12: | Line 12: | ||
===Security issues=== | ===Security issues=== | ||
* [http://moodle.org/mod/forum/discuss.php?d=191747 MSA-11-0042] - Information leak in Wiki | |||
* [http://moodle.org/mod/forum/discuss.php?d=191750 MSA-11-0044] - Expired identification information shown in Web services | |||
* [http://moodle.org/mod/forum/discuss.php?d=191751 MSA-11-0045] - Potential to masquerade through MNet | |||
* [http://moodle.org/mod/forum/discuss.php?d=191754 MSA-11-0047] - Possible injection attack in Calendar | |||
* [http://moodle.org/mod/forum/discuss.php?d=191755 MSA-11-0048] - Password loss issue | |||
* [http://moodle.org/mod/forum/discuss.php?d=191758 MSA-11-0050] - Backup capability issue | |||
* [http://moodle.org/mod/forum/discuss.php?d=191759 MSA-11-0051] - Authentication issue with Web services | |||
* [http://moodle.org/mod/forum/discuss.php?d=191760 MSA-11-0052] - Potential to exploit developer debugging scripts | |||
* [http://moodle.org/mod/forum/discuss.php?d=191761 MSA-11-0053] - Security and system administration conflict | |||
* [http://moodle.org/mod/forum/discuss.php?d=191762 MSA-11-0054] - Personal information leak | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 08:40, 6 December 2011
Releases > Moodle 2.0.6 release notes
Release date: 28th November, 2011
Here is the full list of fixed issues in 2.0.6.
Highlights
- MDL-27037 - Wiki 2.0 respects 'visible groups' functionality
- MDL-29960 - Dropbox repository now functioning with new API
Security issues
- MSA-11-0042 - Information leak in Wiki
- MSA-11-0044 - Expired identification information shown in Web services
- MSA-11-0045 - Potential to masquerade through MNet
- MSA-11-0047 - Possible injection attack in Calendar
- MSA-11-0048 - Password loss issue
- MSA-11-0050 - Backup capability issue
- MSA-11-0051 - Authentication issue with Web services
- MSA-11-0052 - Potential to exploit developer debugging scripts
- MSA-11-0053 - Security and system administration conflict
- MSA-11-0054 - Personal information leak
Fixes and improvements
- MDL-28292 - Removed possibility to 'lose' a block by docking it
- MDL-29542 - Lesson no longer gets corrupted after creating a new question
- MDL-30010 - Core themes which have pagelayout problems when moving blocks have been fixed
- MDL-29529 - Fixed database error when assignments were sorted by status
- MDL-30375 - Comments block no longer disappears when cancel is clicked
- MDL-30398 - Lesson no longer accepts blank password