Moodle 1.9.14 release notes: Difference between revisions
From MoodleDocs
m (French link) |
(Adding security issues) |
||
Line 7: | Line 7: | ||
===Security issues=== | ===Security issues=== | ||
* MDL-29311 - Message refreshing system may cause unlimited queries and DDos attack | |||
* MDL-29148 - Incorrect handling of openssl_verify() return code | |||
* MDL-23872 - $mform->setConstant() does not work as expected | |||
* MDL-28722 - Potential XSS: editsection.html print values directly from data_submitted() | |||
* MDL-29033 - Magic quotes hardening of 1.9 | |||
===Fixes and improvements=== | ===Fixes and improvements=== |
Revision as of 05:08, 18 October 2011
Release date: 10th October, 2011
Bug-fixing for general core bugs in 1.9.x has ended. Support continues for serious security issues, which is reflected in this release.
Here is the full list of fixed issues in 1.9.14.
Security issues
- MDL-29311 - Message refreshing system may cause unlimited queries and DDos attack
- MDL-29148 - Incorrect handling of openssl_verify() return code
- MDL-23872 - $mform->setConstant() does not work as expected
- MDL-28722 - Potential XSS: editsection.html print values directly from data_submitted()
- MDL-29033 - Magic quotes hardening of 1.9
Fixes and improvements
- MDL-27174 - Automated backups succeed when assignment has instance of zero
- MDL-4561 - Metacourses allow guest access with an enrolment key