Moodle 1.9.4 release notes
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.
Release date: 28th January 2009
- MDL-17205 New options to allow Moodle to be configured to comply with European and US privacy regulations, like FERPA.
- Fix multiple bugs relating to creating and editing course categories. Previously, giving admin permissions in a category and its subcategories did not work reliably. In the process, the separate create, update and delete category capabilities were replaced with moodle/category:manage, and moodle/category:visibility was renamed to moodle/category:viewhiddencategories.
- MDL-8648 Essay questions can now be randomised by random questions. This must be enabled under Administration > Miscellaneous > Experimental.
- MDL-14926 A new capability mod/quiz:reviewmyattempts, separate from mod/quiz:attempt. This let's you create a read-only role that lets students see what they have done on a course in the past, without being able to change anything any more.
- MDL-16651 A new capability mod/scorm:deleteresponses allowing deletion of SCORM attempts
- MDL-6160 Email notification of course requests, and a new capability moodle/course:request to control who can request courses.
- MDL-17364 New Forum setting for enabling AJAX forum ratings
- MDL-10021 New option, "Yes, without frame", for the file resource "Keep page navigation visible on the same page" setting. This option displays a resource in a XHTML strict page. Other options have been kept.
- MDL-16999 Some database module settings have been fixed ('Required Entries' and ' Required Entries before viewing). If the fix has an impact on your Moodle installation, you will be warned during upgrade.
- MSA-09-0001 No way easy to remove pictures of deleted users
- MSA-09-0002 User pix disclosure
- MSA-09-0003 Vulnerability in Snoopy 1.2.3
- MSA-09-0004 XSS vulnerabilities in HTML blocks if "Login as" used
- MSA-09-0005 Moodle 'spell-check-logic.cgi' Insecure Temporary File Creation Vulnerability
- MSA-09-0006 Calendar export may allow brute force attacks
- MSA-09-0007 Missing input validation in logs allows potential XSS attacks
- MSA-09-0008 CSRF vulnerability in forum code
New language strings file
New language pack
- Kazakh - Калима Туенбаева
(See Translation credits for additional details.)
Known problems and regressions
- New Security overview report on large sites extremely slow and overloading database server MDL-18040 - update to latest weekly or copy /admin/report/security/* files from latest weekly