Moodle 2.0.9 release notes: Difference between revisions
From MoodleDocs
(Adding release date) |
(Adding security issues) |
||
Line 9: | Line 9: | ||
===Security issues=== | ===Security issues=== | ||
* [http://moodle.org/mod/forum/discuss.php?d=203046 MSA-12-0029] Information editing access issue | |||
* [http://moodle.org/mod/forum/discuss.php?d=203048 MSA-12-0030] Capability manipulation issue | |||
* [http://moodle.org/mod/forum/discuss.php?d=203049 MSA-12-0031] Cross-site scripting vulnerability in Wiki | |||
* [http://moodle.org/mod/forum/discuss.php?d=203050 MSA-12-0032] Cross-site scripting vulnerability in Web services | |||
* [http://moodle.org/mod/forum/discuss.php?d=203054 MSA-12-0035] Cross-site scripting vulnerability in "download all" | |||
* [http://moodle.org/mod/forum/discuss.php?d=203055 MSA-12-0036] Cross-site scripting vulnerability in category identifier | |||
* [http://moodle.org/mod/forum/discuss.php?d=203057 MSA-12-0038] Calendar event write permission issue | |||
===Fixes and improvements=== | ===Fixes and improvements=== |
Revision as of 07:08, 21 May 2012
This version of Moodle is no longer fully supported. Only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.0.9 release notes
Release date: 14 May 2012
Here is the full list of fixed issues in 2.0.9.
Security issues
- MSA-12-0029 Information editing access issue
- MSA-12-0030 Capability manipulation issue
- MSA-12-0031 Cross-site scripting vulnerability in Wiki
- MSA-12-0032 Cross-site scripting vulnerability in Web services
- MSA-12-0035 Cross-site scripting vulnerability in "download all"
- MSA-12-0036 Cross-site scripting vulnerability in category identifier
- MSA-12-0038 Calendar event write permission issue
Fixes and improvements
- MDL-31008 CSS fixed to display dimmed objects