Moodle 1.9.4 release notes

From MoodleDocs
Revision as of 19:35, 11 May 2012 by Séverin Terrier (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Release date: 28th January 2009

Here is the full list of fixed issues in 1.9.4.

Contents

Highlights

Security issues

  • MSA-09-0001 No way easy to remove pictures of deleted users
  • MSA-09-0002 User pix disclosure
  • MSA-09-0003 Vulnerability in Snoopy 1.2.3
  • MSA-09-0004 XSS vulnerabilities in HTML blocks if "Login as" used
  • MSA-09-0005 Moodle 'spell-check-logic.cgi' Insecure Temporary File Creation Vulnerability
  • MSA-09-0006 Calendar export may allow brute force attacks
  • MSA-09-0007 Missing input validation in logs allows potential XSS attacks
  • MSA-09-0008 CSRF vulnerability in forum code

New language strings file

  • report_security.php

New language pack

  • Kazakh - Калима Туенбаева

(See Translation credits for additional details.)

Known problems and regressions

  • New Security overview report on large sites extremely slow and overloading database server MDL-18040 - update to latest weekly or copy /admin/report/security/* files from latest weekly

See also

Personal tools
User docs (English)