Release date: 10th October, 2011

Here is the full list of fixed issues in 2.0.5.

Highlights

• MDL-28729 - Numerous multi-lang fixes and improvements

Functional changes

• MDL-28410 - Allow a single option in a Choice activity
• MDL-23520 - Option added to allow deleting of a wiki page

Security issues

• MDL-28726 - XSS in Wiki comments
• MDL-28724 - CSRF in instancecomments.php, restore version and several other places
• MDL-27586 - Server files shows all categories and courses even if a user don't have access to them
• MDL-27289 - Box.net repository has security flaws
• MDL-29148 - Incorrect handling of openssl_verify() return code
• MDL-23872 - $mform->setConstant() does not work as expected
• MDL-27635 - Column registration_hubs.secret gets different default value for upgrade versus install
• MDL-22232 - Teacher can turn off all of a student's notifications
• MDL-27219 - Chat disclosed full names of all system users including deleted users
• MDL-29312 - Prevent $CFG->usesid because hackers try to exploit it

Fixes and improvements

• MDL-28931 - Updated timezone info to latest version available
• MDL-27122 - The Settings block appears once on the Front Page
• MDL-28569 - RSS feed autodiscovery works with ampersands in URLs
• MDL-26890 - Forum file size limit is used if a file is added from private files
• MDL-28402 - LDAP configuration allows values stored in lower case
• MDL-25872 - Teacher listed in assignment grading and in gradebook

See also

• Moodle 2.0.4 release notes