Moodle 3.11.1 release notes

From MoodleDocs

Releases > Moodle 3.11.1 release notes


Release date: 12 July 2021

Here is the full list of fixed issues in 3.11.1.

General fixes and improvements

  • MDL-68925 - Quicklist items broken and cannot be used in PDF Annotator
  • MDL-65203 - Tab characters in event names produce malformed JSON in mustache template
  • MDL-65637 - Linkedin Authentication Stopped working
  • MDL-67975 - Nextcloud integration should allow the use of aliases to files in repository
  • MDL-55243 - SVG files are images and should be allowed for course images, drag-drop questions, etc.
  • MDL-71926 - Add an activity or resource link always visible in 3.11+
  • MDL-71126 - Quiz manual grading: page size preference can get stuck at 0
  • MDL-68915 - Forum and Lesson do not allow a change to max grade after a grade has been given
  • MDL-71659 - Grade item inconsistencies can break courses with courses with activities that require grade
  • MDL-64236 - The content in the Grader report table is partly covered by the scrollbar in RTL mode
  • MDL-67771 - Classic theme - unable to place blocks in Right region of activity modules
  • MDL-71694 - Grade validation failure causes loss of feedback comments
  • MDL-71047 - The cursor position is not correct when paste HTML in Atto editor
  • MDL-71113 - Integrate jsdoc into Grunt and allow for JS Documentation to be generated
  • MDL-70750 - In Survey activity the Response report -> Question doesn't work at all
  • MDL-71559 - User fields: new PROFILE_VISIBLE_TEACHERS constant not supported
  • MDL-71644 - File upload still gets stuck if try to leave page mid-upload
  • MDL-71366 - Checkboxes/Radio Buttons within multiple choice questions become invisible or shrink
  • MDL-71647 - Locally assigned roles no longer searches email address
  • MDL-71628 - Quiz review: names not shown on Manual grading screens
  • MDL-72010 - Quiz should use Moodle's mechanism for keeping the session alive
  • MDL-71947 - The indentation of the text must be corrected in the notice of time limit when starting a quiz
  • MDL-71789 - Add mform validation for invalid url when importing a calendar
  • MDL-71971 - In the "Edit quiz" page, don't stick together the "Repaginate" and the "Select multiple items" button
  • MDL-71838 - Quiz overview report runs out of memory with huge courses
  • MDL-71145 - Drag and Drop Marker Question Type: Saves incorrect marker positions or lost markers
  • MDL-71837 - Export Calendar buttons become inactive after pressing 'Export' (as file)
  • MDL-71836 - Enrol users: Cannot search by username
  • MDL-71832 - Browse list of users page error when sorting by custom user field
  • MDL-69703 - Selected potential group member are not highlighted properly
  • MDL-71438 - Block deletion timeouts can occur on large sites

Accessibility improvements

  • MDL-71373 - Localize hard coded aria-label strings in table pagination and role manager
  • MDL-71669 - Menus opened by Atto buttons are announced as dialog box by screen-readers
  • MDL-71813 - File picker – folder view file details not available using keyboard (Enter)
  • MDL-71668 - Atto buttons do not have proper focus indicator

Security fixes

  • MSA-21-0020 SQL injection risk in code fetching enrolled courses
  • MSA-21-0021 SQL injection risk in code fetching recent courses
  • MSA-21-0022 Remote code execution risk when Shibboleth authentication is enabled
  • MSA-21-0023 Recursion denial of service possible due to recursive cURL in file repository
  • MSA-21-0024 Blind SSRF possible against cURL blocked hosts via redirect
  • MSA-21-0025 Messaging web service allows deletion of other users' messages
  • MSA-21-0026 Stored XSS in the web service token list via user ID number
  • MSA-21-0027 Stored XSS in quiz override screens via user ID number
  • MSA-21-0028 IDOR allows removal of other users' calendar URL subscriptions
  • MSA-21-0029 Stored XSS when exporting to data formats supporting HTML via user ID number
  • MSA-21-0030 Insufficient escaping of users' names in account confirmation email
  • MSA-21-0031 Messaging email notifications containing HTML may hide the final line of the email

See also