Moodle 1.8.12 release notes: Difference between revisions

Latest revision as of 13:42, 31 March 2010

Release date: 27th March 2010

None, just bug fixes

MSA-10-0001 Vulnerability in KSES text cleaning
MSA-10-0002 XSS vulnerabilty in the phpcas module
MSA-10-0003 Disclosure of full user names
MSA-10-0005 Incorrect validation of forms data
MSA-10-0006 SQL injection in Wiki module
MSA-10-0007 Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine
MSA-10-0008 Persistent XSS when using Login-as feature
MSA-10-0009 Session fixation prevention now turned on by default

@@ Line 1: / Line 1: @@
-Release date: Not yet released
+Release date: 27th March 2010
+Here is [http://tracker.moodle.org/browse/MDL/fixforversion/10401 the full list of fixed issues in 1.8.12].
+===Functional changes===
+None, just bug fixes
 ===Security issues===
-To be released later
+* [http://moodle.org/mod/forum/discuss.php?d=147093 MSA-10-0001] Vulnerability in KSES text cleaning
+* [http://moodle.org/mod/forum/discuss.php?d=147095 MSA-10-0002] XSS vulnerabilty in the phpcas module
+* [http://moodle.org/mod/forum/discuss.php?d=147096 MSA-10-0003] Disclosure of full user names
+* [http://moodle.org/mod/forum/discuss.php?d=147099 MSA-10-0005] Incorrect validation of forms data
+* [http://moodle.org/mod/forum/discuss.php?d=147102 MSA-10-0006] SQL injection in Wiki module
+* [http://moodle.org/mod/forum/discuss.php?d=147103 MSA-10-0007] Reflective Cross Site Scripting (XSS) in the Moodle Global Search Engine
+* [http://moodle.org/mod/forum/discuss.php?d=147106 MSA-10-0008] Persistent XSS when using Login-as feature
+* [http://moodle.org/mod/forum/discuss.php?d=147107 MSA-10-0009] Session fixation prevention now turned on by default
+<noinclude>==See also==
+*[[Moodle 1.8.11 release notes]]
 [[Category:Release notes]]
 [[Category:Moodle 1.8]]
+[[de:Moodle 1.8.12 Versionsinformationen]]
+[[es:Notas de Moodle 1.8.12]]
 [[fr:Notes de mise à jour de Moodle 1.8.12]]
+</noinclude>