Moodle 3.9.10 release notes: Difference between revisions
From MoodleDocs
Helen Foster (talk | contribs) (Backported security improvements) |
Dev Docs Bot (talk | contribs) m (Protected "Moodle 3.9.10 release notes": Developer Docs Migration ([Edit=Allow only administrators] (indefinite))) |
||
(4 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Migrated|newDocId=/general/releases/3.9/3.9.10}} | |||
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p> | <p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p> | ||
[[Releases]] > {{FULLPAGENAME}} | |||
Release date: 13 September 2021 | |||
Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%223.9.10%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 3.9.10]. | Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%223.9.10%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 3.9.10]. | ||
==Backported bug fixes== | ==Backported bug fixes== | ||
* MDL-72494 - Cannot change course format with Chrome 93.0 | |||
* MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension | * MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension | ||
* MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override | * MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override | ||
==Backported security improvements== | ==Backported security improvements== | ||
* MDL-72014 - Update grunt and some components to avoid some security reports | * MDL-72014 - Update grunt and some components to avoid some security reports | ||
* MDL-72187 - Log visibility change of log stores | * MDL-72187 - Log visibility change of log stores | ||
==Security fixes== | |||
* [https://moodle.org/mod/forum/discuss.php?d=427103 MSA-21-0032] Session Hijack risk when Shibboleth authentication is enabled | |||
* [https://moodle.org/mod/forum/discuss.php?d=427104 MSA-21-0033] Course participants download did not restrict which users could be exported | |||
* [https://moodle.org/mod/forum/discuss.php?d=427105 MSA-21-0034] Authentication bypass risk when using external database authentication | |||
* [https://moodle.org/mod/forum/discuss.php?d=427106 MSA-21-0035] Arbitrary file read by site administrators via LaTeX preamble | |||
* [https://moodle.org/mod/forum/discuss.php?d=427107 MSA-21-0036] Quiz unreleased grade disclosure via web service | |||
==See also== | ==See also== | ||
*[[Moodle 3.9.9 release notes]] | *[[Moodle 3.9.9 release notes]] | ||
[[Category:Release notes]] | [[Category:Release notes]] | ||
[[Category:Moodle 3.9]] | [[Category:Moodle 3.9]] | ||
[[fr:Notes de mise à jour de Moodle 3.9.10]] | [[fr:Notes de mise à jour de Moodle 3.9.10]] | ||
[[es:Notas de Moodle 3.9.10]] | [[es:Notas de Moodle 3.9.10]] |
Latest revision as of 09:09, 25 May 2022
Important:
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date. Why not view this page on the new site and help us to migrate more content to the new site! |
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 3.9.10 release notes
Release date: 13 September 2021
Here is the full list of fixed issues in 3.9.10.
Backported bug fixes
- MDL-72494 - Cannot change course format with Chrome 93.0
- MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension
- MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override
Backported security improvements
- MDL-72014 - Update grunt and some components to avoid some security reports
- MDL-72187 - Log visibility change of log stores
Security fixes
- MSA-21-0032 Session Hijack risk when Shibboleth authentication is enabled
- MSA-21-0033 Course participants download did not restrict which users could be exported
- MSA-21-0034 Authentication bypass risk when using external database authentication
- MSA-21-0035 Arbitrary file read by site administrators via LaTeX preamble
- MSA-21-0036 Quiz unreleased grade disclosure via web service