Moodle 2.4.10 release notes: Difference between revisions
From MoodleDocs
(Created page with "<p class="note">'''This version of Moodle is no longer fully supported.''' Generally, only fixes to serious security issues have been applied to this version. You are encourag...") |
(Adding security release notes) |
||
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
[[Releases]] > {{FULLPAGENAME}} | [[Releases]] > {{FULLPAGENAME}} | ||
Release date: | Release date: 12 May, 2014 | ||
Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%222.4.10%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 2.4.10]. | Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%222.4.10%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 2.4.10]. | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=260361 MSA-14-0014] Cross-site request forgery possible in Assignment | |||
* [https://moodle.org/mod/forum/discuss.php?d=260362 MSA-14-0015] Web service token expiry issue for MoodleMobile | |||
== | * [https://moodle.org/mod/forum/discuss.php?d=260363 MSA-14-0016] Anonymous student identity revealed in Assignment | ||
* [https://moodle.org/mod/forum/discuss.php?d=260364 MSA-14-0017] File access issue in HTML block | |||
* .. | * [https://moodle.org/mod/forum/discuss.php?d=260366 MSA-14-0019] Reflected XSS in URL downloader repository | ||
==See also== | ==See also== | ||
*[[Moodle 2.4.9 release notes]] | *[[Moodle 2.4.9 release notes]] |
Revision as of 01:38, 19 May 2014
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.4.10 release notes
Release date: 12 May, 2014
Here is the full list of fixed issues in 2.4.10.
Security issues
- MSA-14-0014 Cross-site request forgery possible in Assignment
- MSA-14-0015 Web service token expiry issue for MoodleMobile
- MSA-14-0016 Anonymous student identity revealed in Assignment
- MSA-14-0017 File access issue in HTML block
- MSA-14-0019 Reflected XSS in URL downloader repository