Moodle 2.2.4 release notes: Difference between revisions
From MoodleDocs
(Created page with "Releases > {{FULLPAGENAME}} Release date: 9 July 2012 Here is [http://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolutio...") |
(Adding security issues) |
||
Line 16: | Line 16: | ||
===Security issues=== | ===Security issues=== | ||
* [http://moodle.org/mod/forum/discuss.php?d=207146 MSA-12-0040] Capabilities issue through caching | |||
* [http://moodle.org/mod/forum/discuss.php?d=207147 MSA-12-0041] XSS issue in LTI module | |||
* [http://moodle.org/mod/forum/discuss.php?d=207148 MSA-12-0042] File access issue in blocks | |||
* [http://moodle.org/mod/forum/discuss.php?d=207149 MSA-12-0043] Early information access issue in forum | |||
* [http://moodle.org/mod/forum/discuss.php?d=207150 MSA-12-0044] Capability check issue in forum subscriptions | |||
* [http://moodle.org/mod/forum/discuss.php?d=207151 MSA-12-0045] Injection potential in admin for repositories | |||
* [http://moodle.org/mod/forum/discuss.php?d=207152 MSA-12-0046] Insecure protocol redirection in LDAP authentication | |||
* [http://moodle.org/mod/forum/discuss.php?d=207153 MSA-12-0047] SQL injection potential in Feedback module | |||
* [http://moodle.org/mod/forum/discuss.php?d=207154 MSA-12-0048] Possible XSS in cohort administration | |||
* [http://moodle.org/mod/forum/discuss.php?d=207155 MSA-12-0049] Group restricted activity displayed to all users | |||
* [http://moodle.org/mod/forum/discuss.php?d=207156 MSA-12-0050] Potential DOS attack through database activity | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 00:56, 17 July 2012
Releases > Moodle 2.2.4 release notes
Release date: 9 July 2012
Here is the full list of fixed issues in 2.2.4.
Highlights
- MDL-28557 Group event now appears to teachers, managers and administrators
- MDL-33398 MDL-27368 Cron works when course completion is enabled
Functional changes
- MDL-24401 String default changes
Security issues
- MSA-12-0040 Capabilities issue through caching
- MSA-12-0041 XSS issue in LTI module
- MSA-12-0042 File access issue in blocks
- MSA-12-0043 Early information access issue in forum
- MSA-12-0044 Capability check issue in forum subscriptions
- MSA-12-0045 Injection potential in admin for repositories
- MSA-12-0046 Insecure protocol redirection in LDAP authentication
- MSA-12-0047 SQL injection potential in Feedback module
- MSA-12-0048 Possible XSS in cohort administration
- MSA-12-0049 Group restricted activity displayed to all users
- MSA-12-0050 Potential DOS attack through database activity
Fixes and improvements
- MDL-32866 Filemanager in private files now saves changes
- MDL-33583 "Keep all" automated backups now works
- MDL-33607 Add new wiki page no longer reports error writing to database
- MDL-33603 Database activity entries are linked correctly
- MDL-26892 Question images not lost during upgrade
- MDL-29924 Glossary attachments appear in filter popups
- MDL-25695 TOC links now work in Wiki