« Notes de mise à jour de Moodle 2.0.5 » : différence entre les versions
De MoodleDocs
(Nettoyage et mise à jour) |
|||
Ligne 11 : | Ligne 11 : | ||
=== Sécurité === | === Sécurité === | ||
* MDL-28726 - XSS in Wiki comments | |||
* MDL-28724 - CSRF in instancecomments.php, restore version and several other places | |||
* MDL-27586 - Server files shows all categories and courses even if a user don't have access to them | |||
* MDL-27289 - Box.net repository has security flaws | |||
* MDL-29148 - Incorrect handling of openssl_verify() return code | |||
* MDL-23872 - $mform->setConstant() does not work as expected | |||
* MDL-27635 - Column registration_hubs.secret gets different default value for upgrade versus install | |||
* MDL-22232 - Teacher can turn off all of a student's notifications | |||
* MDL-27219 - Chat disclosed full names of all system users including deleted users | |||
* MDL-29312 - Prevent $CFG->usesid because hackers try to exploit it | |||
=== Corrections et améliorations === | === Corrections et améliorations === |
Version du 18 octobre 2011 à 05:23
Date de sortie : 10 octobre 2011
Consulter la liste des détails sur les évolutions et corrections de bogues qui sont corrigés dans cette version 2.0.5 (en anglais).
Changements importants
- MDL-28729 - Plusieurs corrections et améliorations du multi-langue
Changements fonctionnels
- MDL-28410 - Autorise une seule option dans une activité sondage
- MDL-23520 - Ajout d'une option pour permettre la suppression d'une page
Sécurité
- MDL-28726 - XSS in Wiki comments
- MDL-28724 - CSRF in instancecomments.php, restore version and several other places
- MDL-27586 - Server files shows all categories and courses even if a user don't have access to them
- MDL-27289 - Box.net repository has security flaws
- MDL-29148 - Incorrect handling of openssl_verify() return code
- MDL-23872 - $mform->setConstant() does not work as expected
- MDL-27635 - Column registration_hubs.secret gets different default value for upgrade versus install
- MDL-22232 - Teacher can turn off all of a student's notifications
- MDL-27219 - Chat disclosed full names of all system users including deleted users
- MDL-29312 - Prevent $CFG->usesid because hackers try to exploit it
Corrections et améliorations
- MDL-28931 - Updated timezone info to latest version available
- MDL-27122 - Le bloc paramètres apparait une seule fois en page d'accueil
- MDL-28569 - RSS feed autodiscovery works with ampersands in URLs
- MDL-26890 - Forum file size limit is used if a file is added from private files
- MDL-28402 - La configuration LDAP autorise le stockage de valeurs en minuscules
- MDL-25872 - Teacher listed in assignment grading and in gradebook