Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 3.9.5 release notes

From MoodleDocs
Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

Releases > Moodle 3.9.5 release notes

Note: For sites upgrading from an earlier version, please upgrade to 3.9.6 and skip this version, as it is affected by an upgrade step which may corrupt calendar events (MDL-71156).


Release date: 8 March 2021

Here is the full list of fixed issues in 3.9.5.

General fixes and improvements

  • MDL-67959 - The default group icon should not be displayed when there is no group picture
  • MDL-67515 - Uninstalled plugin breaks the custom lang tool if it had some strings customised
  • MDL-66979 - Switch all the Behat testing to the new W3C drivers
  • MDL-68970 - Pages during a quiz attempt should not be cached, so forwards/back do not lead to errors
  • MDL-57020 - Unable to delete scales which are no longer used
  • MDL-70268 - Dropbox repository requires log on to work - which fails
  • MDL-46256 - count_words returns too few words when dealing with html tags
  • MDL-70048 - Dropbox Search API: /files/search is being retired in favor of /files/search_v2
  • MDL-69867 - Marking workflow display wrong current grade if using scales
  • MDL-70736 - Unable to load Marking Guide Templates
  • MDL-70796 - Moodle word count does not match other software
  • MDL-69101 - Essay question: "Accepted file types" and other new fields are not supported in Moodle XML file
  • MDL-70377 - When reviewing an attempt as a teacher $string['saved'] {$a} not replaced
  • MDL-43697 - Archived badges are restored during course restore
  • MDL-70528 - Can't add block to H5P (core) activity
  • MDL-70676 - Workshop assessment aspect with no grade is unusable
  • MDL-70631 - Poor performance of zip_packer::extract_to_pathname()
  • MDL-68958 - Undefined variable: href when creating IMSCP
  • MDL-70339 - Activity chooser does not honour external tool icons
  • MDL-56772 - File picker:Right align table column headers, in RTL mode (theme:boost)
  • MDL-70513 - Quiz manual grading page should warn if you try to leave with unsaved data
  • MDL-70705 - Multilang Filters not applied to Recent blog entries block Blog entry titles
  • MDL-70552 - Notification of submissions are not sent for anonymous feedback
  • MDL-70574 - Cloze multianswer question leaks percentage if with decimal
  • MDL-66932 - Grade percentage display in Gradebook should be LTR, in RTL mode
  • MDL-70912 - Cannot access H5P content bank popup in Atto editor within mod_data textarea
  • MDL-70264 - badges/oauth2callback.php should be removed and replaced by admin/oauth2callback.php
  • MDL-67974 - Badge expiry error and missing expired stamp
  • MDL-67494 - Course/activity calendar events are deleted when the teacher who created them requests their data to be deleted
  • MDL-70995 - Group names not formatted in course participants filter
  • MDL-69883 - Unable to scroll beyond 50 conversations in Messages tool
  • MDL-69097 - Language filters aren't correctly applied in "Whole forum grading"

Accessibility improvements

  • MDL-70169 - Login page accessibility issues
  • MDL-70288 - Checkbox and advanced checkbox elements can have duplicate labels
  • MDL-70173 - Dashboard accessibility issues
  • MDL-65390 - Accessibility #11 Content appears above “show more” button
  • MDL-59782 - Question bank highlight of last added question is wrong in boost
  • MDL-70172 - Site home page accessibility issues

Security fixes

  • MSA-21-0006 Stored XSS via ID number user profile field
  • MSA-21-0007 Stored XSS and blind SSRF possible via feedback answer text
  • MSA-21-0008 User full name disclosure within online users block
  • MSA-21-0009 Bypass email verification secret when confirming account registration
  • MSA-21-0010 Fetching a user's enrolled courses via web services did not check profile access in each course
  • MSA-21-0011 JQuery versions below 3.5.0 contain some potential vulnerabilities (upstream)

See also