Moodle 3.5.8 release notes

From MoodleDocs
Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.5.8 release notes

Release date: 9 September 2019

Here is the full list of fixed issues in 3.5.8.

Fixes

  • MDL-66136 - Online text assignment error when attempting to submit an image only (with no text)
  • MDL-65925 - Grade page is broken if submission other than PDF was deleted
  • MDL-65749 - Upgrade PHPMailer

Security fixes

  • MSA-19-0018 JavaScript injection possible in some Mustache templates via recursive rendering from contexts
  • MSA-19-0019 Course creation did not check the creator's role assignment capability before automatically assigning them as a teacher in the course
  • MSA-19-0020 Python Machine Learning dependency versions bumped
  • MSA-19-0021 Activity :addinstance capabilities were not respected when creating a course in single activity format
  • MSA-19-0022 Open redirect in the mobile launch endpoint could be used to expose mobile access tokens
  • MSA-19-0023 Forum subscribe link contained an open redirect if forced subscription mode was enabled

See also