Moodle 1.9.2 release notes: Difference between revisions
From MoodleDocs
Helen Foster (talk | contribs) (see also) |
mNo edit summary |
||
Line 3: | Line 3: | ||
Here is [http://tracker.moodle.org/secure/BrowseVersion.jspa?id=10011&versionId=10280&showOpenIssuesOnly=false the full list of fixed issues in 1.9.2]. | Here is [http://tracker.moodle.org/secure/BrowseVersion.jspa?id=10011&versionId=10280&showOpenIssuesOnly=false the full list of fixed issues in 1.9.2]. | ||
==Highlights== | ===Highlights=== | ||
* Compatibility fixes for MSSQL, Oracle and PostgreSQL | * Compatibility fixes for MSSQL, Oracle and PostgreSQL | ||
* Improved triggering of core events (though contributed code needs to be updated - see MDL-9983) | * Improved triggering of core events (though contributed code needs to be updated - see MDL-9983) | ||
Line 11: | Line 11: | ||
* Quiz report enhancements and bug fixes (see [[Development:Quiz report enhancements|Quiz report enhancements]] for full list, though most are planned for Moodle 2.0) | * Quiz report enhancements and bug fixes (see [[Development:Quiz report enhancements|Quiz report enhancements]] for full list, though most are planned for Moodle 2.0) | ||
==Security issues== | ===Security issues=== | ||
* [http://moodle.org/mod/forum/discuss.php?d=101402 MSA-08-0010]: sql injection in HotPot module | * [http://moodle.org/mod/forum/discuss.php?d=101402 MSA-08-0010]: sql injection in HotPot module | ||
* [http://moodle.org/mod/forum/discuss.php?d=101404 MSA-08-0012]: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only) | * [http://moodle.org/mod/forum/discuss.php?d=101404 MSA-08-0012]: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only) |
Revision as of 14:19, 1 December 2008
Release date: 11th July 2008
Here is the full list of fixed issues in 1.9.2.
Highlights
- Compatibility fixes for MSSQL, Oracle and PostgreSQL
- Improved triggering of core events (though contributed code needs to be updated - see MDL-9983)
- Email change confirmation and other improvements relating to reducing the risk of spam
- Forum subscription improvements
- Setting for deleting not-fully-set-up accounts
- Quiz report enhancements and bug fixes (see Quiz report enhancements for full list, though most are planned for Moodle 2.0)
Security issues
- MSA-08-0010: sql injection in HotPot module
- MSA-08-0012: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only)
- MSA-08-0014: potential sql injection in events handling code
- MSA-08-0015: accessible profiles of deleted users
- MSA-08-0016: Email could be changed in profile without confirmation