Moodle 1.8.12 release notes: Difference between revisions
From MoodleDocs
m (French link) |
Helen Foster (talk | contribs) (→Security issues: MSA-10-0005) |
||
(7 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
Release date: | Release date: 27th March 2010 | ||
Here is [http://tracker.moodle.org/browse/MDL/fixforversion/10401 the full list of fixed issues in 1.8.12]. | |||
===Functional changes=== | |||
None, just bug fixes | |||
===Security issues=== | ===Security issues=== | ||
* [http://moodle.org/mod/forum/discuss.php?d=147093 MSA-10-0001] Vulnerability in KSES text cleaning | |||
* [http://moodle.org/mod/forum/discuss.php?d=147095 MSA-10-0002] XSS vulnerabilty in the phpcas module | |||
* [http://moodle.org/mod/forum/discuss.php?d=147096 MSA-10-0003] Disclosure of full user names | |||
* [http://moodle.org/mod/forum/discuss.php?d=147099 MSA-10-0005] Incorrect validation of forms data | |||
* [http://moodle.org/mod/forum/discuss.php?d=147102 MSA-10-0006] SQL injection in Wiki module | |||
* [http://moodle.org/mod/forum/discuss.php?d=147103 MSA-10-0007] Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine | |||
* [http://moodle.org/mod/forum/discuss.php?d=147106 MSA-10-0008] Persistent XSS when using Login-as feature | |||
* [http://moodle.org/mod/forum/discuss.php?d=147107 MSA-10-0009] Session fixation prevention now turned on by default | |||
<noinclude>==See also== | |||
*[[Moodle 1.8.11 release notes]] | |||
[[Category:Release notes]] | [[Category:Release notes]] | ||
[[Category:Moodle 1.8]] | [[Category:Moodle 1.8]] | ||
[[de:Moodle 1.8.12 Versionsinformationen]] | |||
[[es:Notas de Moodle 1.8.12]] | |||
[[fr:Notes de mise à jour de Moodle 1.8.12]] | [[fr:Notes de mise à jour de Moodle 1.8.12]] | ||
</noinclude> |
Latest revision as of 13:42, 31 March 2010
Release date: 27th March 2010
Here is the full list of fixed issues in 1.8.12.
Functional changes
None, just bug fixes
Security issues
- MSA-10-0001 Vulnerability in KSES text cleaning
- MSA-10-0002 XSS vulnerabilty in the phpcas module
- MSA-10-0003 Disclosure of full user names
- MSA-10-0005 Incorrect validation of forms data
- MSA-10-0006 SQL injection in Wiki module
- MSA-10-0007 Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine
- MSA-10-0008 Persistent XSS when using Login-as feature
- MSA-10-0009 Session fixation prevention now turned on by default