Because of a serious regression in the 2.3.5 release, Moodle 2.3.6 was release on Mon 18 March, 2013.

Releases > Moodle 2.3.5 release notes

Release date: 11 March 2013

Here is the full list of fixed issues in 2.3.5.

Highlights

• MDL-35074 - More students can now appear per page in the Grader Report
• MDL-34435 - Actions in categories are now logged

Functional changes

• MDL-30669 - Admins are warned before deleting 'Sticky' site-wide blocks in 2.2 accidentally through a course page
• MDL-37894 - Not yet opened quizzes show close date as well as open date
• MDL-35336 - Process for enabling statistics is now clearer

Security issues

• MSA-13-0012 Information leak in course profiles
• MSA-13-0013 Server information revealed through exception messages
• MSA-13-0014 Password revealed in WebDav repository
• MSA-13-0015 Cross-site scripting issue in Filepicker
• MSA-13-0016 External Entity Injection through Zend library
• MSA-13-0017 Form manipulation issue in notes
• MSA-13-0018 Personal information leak through repositories
• MSA-13-0019 Unauthorised settings editing through WebDav repository

Fixes and improvements

• MDL-38173 - Adding modules to courses where completion is enabled no longer causes corruption
• MDL-37847 - Plain text essays now show HTML special characters appropriately
• MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources
• MDL-37563 - Assignment upgrade now includes conditional access settings
• MDL-36757 - Editing an activity no longer reveals hidden grades
• MDL-35780 - Participants page disclosure of email addresses is now consistent
• MDL-35175 - Lesson now shows attempts if associated with a grouping
• MDL-38352 - Improved language strings added to the English language pack, the most noticeable being 'My Moodle' in the site admin settings renamed as My home

See also

• Moodle 2.3.4 release notes