Moodle 2.0.5 release notes: Difference between revisions
From MoodleDocs
(Adding security issues) |
(Correcting security notes) |
||
Line 14: | Line 14: | ||
===Security issues=== | ===Security issues=== | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188309 MSA-11-0027] - Wiki pages reference forgery issue | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188310 MSA-11-0028] - Wiki comments cross site scripting issue | ||
* [http://moodle.org/mod/forum/discuss.php?d=188311 MSA-11-0029] - File visibility issue | |||
* | * [http://moodle.org/mod/forum/discuss.php?d=188312 MSA-11-0030] - Box.net repository integration authentication issue | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188313 MSA-11-0031] - Forms API constant issue | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188314 MSA-11-0032] - MNET SSL validation issue | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188315 MSA-11-0033] - Site-hub registration identity issue | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188316 MSA-11-0034] - Chat module information leak | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188317 MSA-11-0035] - Cookie-less session vulnerability | ||
* | * [http://moodle.org/mod/forum/discuss.php?d=188321 MSA-11-0039] - Wiki section vulnerability | ||
* [http://moodle.org/mod/forum/discuss.php?d=188322 MSA-11-0040] - Potential personal information leak | |||
* [http://moodle.org/mod/forum/discuss.php?d=188323 MSA-11-0041] - Global search authentication issue | |||
===Fixes and improvements=== | ===Fixes and improvements=== |
Revision as of 06:45, 18 October 2011
Release date: 10th October, 2011
Here is the full list of fixed issues in 2.0.5.
Highlights
- MDL-28729 - Numerous multi-lang fixes and improvements
Functional changes
- MDL-28410 - Allow a single option in a Choice activity
- MDL-23520 - Option added to allow deleting of a wiki page
Security issues
- MSA-11-0027 - Wiki pages reference forgery issue
- MSA-11-0028 - Wiki comments cross site scripting issue
- MSA-11-0029 - File visibility issue
- MSA-11-0030 - Box.net repository integration authentication issue
- MSA-11-0031 - Forms API constant issue
- MSA-11-0032 - MNET SSL validation issue
- MSA-11-0033 - Site-hub registration identity issue
- MSA-11-0034 - Chat module information leak
- MSA-11-0035 - Cookie-less session vulnerability
- MSA-11-0039 - Wiki section vulnerability
- MSA-11-0040 - Potential personal information leak
- MSA-11-0041 - Global search authentication issue
Fixes and improvements
- MDL-28931 - Updated timezone info to latest version available
- MDL-27122 - The Settings block appears once on the Front Page
- MDL-28569 - RSS feed autodiscovery works with ampersands in URLs
- MDL-26890 - Forum file size limit is used if a file is added from private files
- MDL-28402 - LDAP configuration allows values stored in lower case
- MDL-25872 - Teacher listed in assignment grading and in gradebook