Moodle 1.9.14 release notes: Difference between revisions
From MoodleDocs
(Correcting security notes) |
No edit summary |
||
| Line 3: | Line 3: | ||
Bug-fixing for general core bugs in 1.9.x has ended. Support continues for serious security issues, which is reflected in this release. | Bug-fixing for general core bugs in 1.9.x has ended. Support continues for serious security issues, which is reflected in this release. | ||
Here is [http://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+and+resolution+%3D+fixed+AND+fixVersion+in+%28%221.9.14%22 the full list of fixed issues in 1.9.14]. | Here is [http://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+and+resolution+%3D+fixed+AND+fixVersion+in+%28%221.9.14%22%29 the full list of fixed issues in 1.9.14]. | ||
===Security issues=== | ===Security issues=== | ||
Revision as of 16:31, 19 October 2011
Release date: 10th October, 2011
Bug-fixing for general core bugs in 1.9.x has ended. Support continues for serious security issues, which is reflected in this release.
Here is the full list of fixed issues in 1.9.14.
Security issues
- MSA-11-0031 - Forms API constant issue
- MSA-11-0032 - MNET SSL validation issue
- MSA-11-0036 - Messaging refresh vulnerability
- MSA-11-0037 - Course section editing injection vulnerability
- MSA-11-0038 - Database injection protection strengthened
- MSA-11-0040 - Potential personal information leak
Fixes and improvements
- MDL-27174 - Automated backups succeed when assignment has instance of zero
- MDL-4561 - Metacourses allow guest access with an enrolment key
