Moodle 2.5.1 release notes: Difference between revisions
From MoodleDocs
Helen Foster (talk | contribs) m (→Fixes and improvements: rewording) |
(Adding security issues) |
||
Line 21: | Line 21: | ||
===Security issues=== | ===Security issues=== | ||
A number of security related issues were resolved. | A number of security related issues were resolved. | ||
* [https://moodle.org/mod/forum/discuss.php?d=232496 MSA-13-0025] XSS vulnerability in YUI library | |||
* [https://moodle.org/mod/forum/discuss.php?d=232497 MSA-13-0026] Personal information leak in IMS-LTI | |||
* [https://moodle.org/mod/forum/discuss.php?d=232498 MSA-13-0027] Access issue in Chat module | |||
* [https://moodle.org/mod/forum/discuss.php?d=232500 MSA-13-0028] Answer information revealed in Lesson activity | |||
* [https://moodle.org/mod/forum/discuss.php?d=232501 MSA-13-0029] XSS risk in conditional activities | |||
* [https://moodle.org/mod/forum/discuss.php?d=232502 MSA-13-0030] Information leak through RSS | |||
* [https://moodle.org/mod/forum/discuss.php?d=232503 MSA-13-0031] Personal information leak in Feedback activity | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 01:39, 15 July 2013
Releases > Moodle 2.5.1 release notes
Release date: 8 July 2013
Here is the full list of fixed issues in 2.5.1.
Highlights
- MDL-39824 - Simplification of themes
- MDL-38434 - Functional tests added for the Chat activity
- MDL-39723 - Two unnecessary course queries were removed from most pages
Functional changes
- MDL-39790 - My Latest badges block appears on the course page
API changes
- MDL-40137 - Correct naming of functions in theme/clean/lib.php
Security issues
A number of security related issues were resolved.
- MSA-13-0025 XSS vulnerability in YUI library
- MSA-13-0026 Personal information leak in IMS-LTI
- MSA-13-0027 Access issue in Chat module
- MSA-13-0028 Answer information revealed in Lesson activity
- MSA-13-0029 XSS risk in conditional activities
- MSA-13-0030 Information leak through RSS
- MSA-13-0031 Personal information leak in Feedback activity
Fixes and improvements
- MDL-39778 - Course deletion now functions with badges.
- MDL-40120 - Issue when recent PostgreSQL versions retrieve the number of records from course table fixed.
- MDL-39697 - Bootstrap layouts now have 'Maintenance' layout and related options.
- MDL-40065 - Bootstrap Theme only sends content to "side-pre" if necessary.
- MDL-40088 - Can now edit course settings if course is in a hidden category.
- MDL-39979 - Teachers no longer see errors when Show Activity Reports is set to yes.
- MDL-39363 - SCORM pass/fail status is set for a grade of 0.
- MDL-39227 - SCORM navigation panel is no longer hidden when a Bootstrap theme is active.
- MDL-39177 - Overwriting files always observes the "alias" attribute.
- MDL-33719 - When overwriting a copy of a file with an alias/shortcut of a file, the file thumbnail is refreshed.
- MDL-40142 - No JavaScript error is caused by the navigation block in relation to course categories.
- MDL-40289 - Badges capabilities now have correct risks, levels and archetypes. Note for sites which are upgrading from 2.5: See the section 'Upgrading from Moodle 2.5 to 2.5.1' in Upgrading for details of how to correctly set badge permissions for each role archetype.