« Notes de mise à jour de Moodle 2.0.2 » : différence entre les versions
De MoodleDocs
Aucun résumé des modifications |
|||
Ligne 31 : | Ligne 31 : | ||
=== Sécurité === | === Sécurité === | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=170003 MSA-11-0003] Cross-site scripting vulnerability in tag autocomplete | ||
* [http://moodle.org/mod/forum/discuss.php?d=170004 MSA-11-0004] $CFG->forceloginforprofiles setting ignored in course profiles | |||
* [http://moodle.org/mod/forum/discuss.php?d=170005 MSA-11-0005] Cross-site scripting vulnerability in spikephpcoverage | |||
* [http://moodle.org/mod/forum/discuss.php?d=170006 MSA-11-0006] Cross-site request forgery and missing access control in course completion | |||
* [http://moodle.org/mod/forum/discuss.php?d=170008 MSA-11-0007] Cross-site scripting vulnerability in course tags | |||
* [http://moodle.org/mod/forum/discuss.php?d=170009 MSA-11-0008] IMS enterprise enrolment file may disclose sensitive information | |||
* [http://moodle.org/mod/forum/discuss.php?d=170010 MSA-11-0009] My profile block may disclose private information if used in user context | |||
* [http://moodle.org/mod/forum/discuss.php?d=170011 MSA-11-0010] Incorrect default for mod:course/delete capability in teacher role | |||
* [http://moodle.org/mod/forum/discuss.php?d=170012 MSA-11-0011] Multiple cross-site scripting problems in media filter | |||
<noinclude>=== Voir aussi === | <noinclude>=== Voir aussi === |
Version du 2 mars 2011 à 09:00
Date de sortie : 21 février 2011
Consulter la liste des détails sur les évolutions et corrections de bogues de cette version 2.0.2 (en anglais).
Changements importants
- MDL-20617 - Options to show feedback, averages, range and other data in the user report
- MDL-26109 - All standard blocks have option to dock
- MDL-25616 - Recent messages and recent notifications interfaces
Améliorations de performance
- MDL-17201 - Ajout d'un index sur user_info_data
- MDL-25669 - fix_course_sortorder() does way too many UPDATE queries
- MDL-25837 - disasterous caching bug in course_overview block
- MDL-22970 - Glossary import displays too many items in recent activity
- MDL-25677 - Differences between upgraded and installed sites detected in blocks subsystem
- MDL-24125 - Add in-memory cache of admin_category child objects
Principales corrections
- MDL-25501 - Wikis with pages with the same title now upgrade from 1.9
- MDL-25932 - Upgrade fails for wikis with the same title
- MDL-25850 - Scorm score not checking for mod/scorm:viewscores
- MDL-25215 - File extension lost when using "Save As" field
- MDL-26071 - Upgrade fails when adding fields to tag_instance table
- MDL-26236 - Random essay questions give error
- MDL-25321 - sqlsrv_native's limit_to_top_n function destroys queries
- MDL-25626 - Error in "Course completion status" block
- MDL-25863 - Automated course backup function duplicates old versions when saved to non-default location
- MDL-26098 - Manual grading pop-up is confused between id and uniqueid
- MDL-25841 - Cloze question feedback appears in the wrong place
- MDL-26299 - Numerical questions units handling setting reverts to default upon editing
Sécurité
- MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete
- MSA-11-0004 $CFG->forceloginforprofiles setting ignored in course profiles
- MSA-11-0005 Cross-site scripting vulnerability in spikephpcoverage
- MSA-11-0006 Cross-site request forgery and missing access control in course completion
- MSA-11-0007 Cross-site scripting vulnerability in course tags
- MSA-11-0008 IMS enterprise enrolment file may disclose sensitive information
- MSA-11-0009 My profile block may disclose private information if used in user context
- MSA-11-0010 Incorrect default for mod:course/delete capability in teacher role
- MSA-11-0011 Multiple cross-site scripting problems in media filter