Moodle 1.9.2 release notes: Difference between revisions

Revision as of 14:19, 1 December 2008

Release date: 11th July 2008

Compatibility fixes for MSSQL, Oracle and PostgreSQL
Improved triggering of core events (though contributed code needs to be updated - see MDL-9983)
Email change confirmation and other improvements relating to reducing the risk of spam
Forum subscription improvements
Setting for deleting not-fully-set-up accounts
Quiz report enhancements and bug fixes (see Quiz report enhancements for full list, though most are planned for Moodle 2.0)

MSA-08-0010: sql injection in HotPot module
MSA-08-0012: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only)
MSA-08-0014: potential sql injection in events handling code
MSA-08-0015: accessible profiles of deleted users
MSA-08-0016: Email could be changed in profile without confirmation

@@ Line 3: / Line 3: @@
 Here is [http://tracker.moodle.org/secure/BrowseVersion.jspa?id=10011&versionId=10280&showOpenIssuesOnly=false the full list of fixed issues in 1.9.2].
-==Highlights==
+===Highlights===
 * Compatibility fixes for MSSQL, Oracle and PostgreSQL
 * Improved triggering of core events (though contributed code needs to be updated - see MDL-9983)
@@ Line 11: / Line 11: @@
 * Quiz report enhancements and bug fixes (see [[Development:Quiz report enhancements|Quiz report enhancements]] for full list, though most are planned for Moodle 2.0)
-==Security issues==
+===Security issues===
 * [http://moodle.org/mod/forum/discuss.php?d=101402 MSA-08-0010]: sql injection in HotPot module
 * [http://moodle.org/mod/forum/discuss.php?d=101404 MSA-08-0012]: Potential non-persistent XSS when searching for group members (MSSQL and Oracle only)