Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.1.7 release notes: Difference between revisions

From MoodleDocs
(Created page with "<p class="note">'''This version of Moodle is no longer fully supported.''' Only fixes to serious security issues have been applied to this version. You are encouraged to [[:en:Up...")
 
(Adding security issues)
Line 19: Line 19:
===Security issues===
===Security issues===
   
   
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [http://moodle.org/mod/forum/discuss.php?d=207148 MSA-12-0042] File access issue in blocks
* [http://moodle.org/mod/forum/discuss.php?d=207149 MSA-12-0043] Early information access issue in forum
* [http://moodle.org/mod/forum/discuss.php?d=207150 MSA-12-0044] Capability check issue in forum subscriptions
* [http://moodle.org/mod/forum/discuss.php?d=207151 MSA-12-0045] Injection potential in admin for repositories
* [http://moodle.org/mod/forum/discuss.php?d=207152 MSA-12-0046] Insecure protocol redirection in LDAP authentication
* [http://moodle.org/mod/forum/discuss.php?d=207153 MSA-12-0047] SQL injection potential in Feedback module
* [http://moodle.org/mod/forum/discuss.php?d=207154 MSA-12-0048] Possible XSS in cohort administration
* [http://moodle.org/mod/forum/discuss.php?d=207155 MSA-12-0049] Group restricted activity displayed to all users
* [http://moodle.org/mod/forum/discuss.php?d=207156 MSA-12-0050] Potential DOS attack through database activity
 
===Fixes and improvements===
===Fixes and improvements===
   
   

Revision as of 00:56, 17 July 2012

This version of Moodle is no longer fully supported. Only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.

Releases > Moodle 2.1.7 release notes

Release date: 9 July 2012

Here is the full list of fixed issues in 2.1.7.

Highlights

  • MDL-28557 Group event now appears to teachers, managers and administrators
  • MDL-33398 MDL-27368 Cron works when course completion is enabled

Functional changes

Security issues

  • MSA-12-0042 File access issue in blocks
  • MSA-12-0043 Early information access issue in forum
  • MSA-12-0044 Capability check issue in forum subscriptions
  • MSA-12-0045 Injection potential in admin for repositories
  • MSA-12-0046 Insecure protocol redirection in LDAP authentication
  • MSA-12-0047 SQL injection potential in Feedback module
  • MSA-12-0048 Possible XSS in cohort administration
  • MSA-12-0049 Group restricted activity displayed to all users
  • MSA-12-0050 Potential DOS attack through database activity

Fixes and improvements

  • MDL-32866 Filemanager in private files now saves changes
  • MDL-33583 "Keep all" automated backups now works
  • MDL-33607 Add new wiki page no longer reports error writing to database
  • MDL-33603 Database activity entries are linked correctly
  • MDL-26892 Question images not lost during upgrade
  • MDL-29924 Glossary attachments appear in filter popups

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.1.7_release_notes&oldid=34492"
Powered by MediaWiki