Moodle 3.5.16 release notes: Difference between revisions
From MoodleDocs
m (→Security fixes) |
|||
Line 17: | Line 17: | ||
* MDL-68896 - SCORM error in Chrome because of "XHR in page dismissal" policy change | * MDL-68896 - SCORM error in Chrome because of "XHR in page dismissal" policy change | ||
==Security | ==Security fixes== | ||
* [https://moodle.org/mod/forum/discuss.php?d=417168 MSA-21-0003] Client side denial of service via personal message | * [https://moodle.org/mod/forum/discuss.php?d=417168 MSA-21-0003] Client side denial of service via personal message | ||
* [https://moodle.org/mod/forum/discuss.php?d=417170 MSA-21-0004] Stored XSS possible via TeX notation filter | * [https://moodle.org/mod/forum/discuss.php?d=417170 MSA-21-0004] Stored XSS possible via TeX notation filter |
Revision as of 03:53, 7 May 2021
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 3.5.16 release notes
Release date: 18 January 2021
Here is the full list of fixed issues in 3.5.16.
For developers
- MDL-70265 - Reduce the number of phpunit runs in core's .travis.yml
- MDL-70276 - Add support for github actions to moodle.git
- MDL-70148 - Write new keyboard steps for Behat
Backported bug fixes
- MDL-68896 - SCORM error in Chrome because of "XHR in page dismissal" policy change
Security fixes
- MSA-21-0003 Client side denial of service via personal message
- MSA-21-0004 Stored XSS possible via TeX notation filter
- MSA-21-0005 Arbitrary PHP code execution by site admins via Shibboleth configuration