Moodle 3.9.10 release notes
From MoodleDocs
| Important:
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date. Why not view this page on the new site and help us to migrate more content to the new site! |
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 3.9.10 release notes
Release date: 13 September 2021
Here is the full list of fixed issues in 3.9.10.
Backported bug fixes
- MDL-72494 - Cannot change course format with Chrome 93.0
- MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension
- MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override
Backported security improvements
- MDL-72014 - Update grunt and some components to avoid some security reports
- MDL-72187 - Log visibility change of log stores
Security fixes
- MSA-21-0032 Session Hijack risk when Shibboleth authentication is enabled
- MSA-21-0033 Course participants download did not restrict which users could be exported
- MSA-21-0034 Authentication bypass risk when using external database authentication
- MSA-21-0035 Arbitrary file read by site administrators via LaTeX preamble
- MSA-21-0036 Quiz unreleased grade disclosure via web service
