Moodle 1.9.9 release notes: Difference between revisions
From MoodleDocs
Helen Foster (talk | contribs) (→Highlights: MDL-21218) |
Helen Foster (talk | contribs) m (spacing) |
||
Line 15: | Line 15: | ||
* [http://moodle.org/mod/forum/discuss.php?d=152368 MSA-10-0012] KSES Security Filter Bypassing vulnerability | * [http://moodle.org/mod/forum/discuss.php?d=152368 MSA-10-0012] KSES Security Filter Bypassing vulnerability | ||
* [http://moodle.org/mod/forum/discuss.php?d=152369 MSA-10-0013] Potential Cross Site Scripting vulnerability in Quiz reports | * [http://moodle.org/mod/forum/discuss.php?d=152369 MSA-10-0013] Potential Cross Site Scripting vulnerability in Quiz reports | ||
<noinclude> | <noinclude> | ||
==See also== | ==See also== | ||
*[[Moodle 1.9.8 release notes]] | *[[Moodle 1.9.8 release notes]] | ||
*[[Moodle 1.8.13 | *[[Moodle 1.8.13 release notes]] | ||
[[Category:Release notes]] | [[Category:Release notes]] |
Latest revision as of 15:26, 1 March 2011
Release date: 8th June, 2010
Here is the full list of issues fixed in 1.9.9
Highlights
- MDL-21218 New gradebook course setting 'Hide totals if they contain hidden items' for controlling whether totals containing hidden grade items are shown to students
- Some general minor bugs fixed in different areas.
Security issues
Some of these vulnerabilities are potentially serious so we strongly recommend you upgrade.
- MSA-10-0010 Persistent Cross Site Scripting vulnerability in the MNET access control interface
- MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php
- MSA-10-0012 KSES Security Filter Bypassing vulnerability
- MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz reports