Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.4.10 release notes: Difference between revisions

From MoodleDocs
(Cleaning up minor release page)
(Adding security release notes)
Line 9: Line 9:
===Security issues===
===Security issues===
   
   
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=260361 MSA-14-0014] Cross-site request forgery possible in Assignment
* [https://moodle.org/mod/forum/discuss.php?d=260362 MSA-14-0015] Web service token expiry issue for MoodleMobile
* [https://moodle.org/mod/forum/discuss.php?d=260363 MSA-14-0016] Anonymous student identity revealed in Assignment
* [https://moodle.org/mod/forum/discuss.php?d=260364 MSA-14-0017] File access issue in HTML block
* [https://moodle.org/mod/forum/discuss.php?d=260366 MSA-14-0019] Reflected XSS in URL downloader repository


==See also==
==See also==

Revision as of 01:38, 19 May 2014

This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.

Releases > Moodle 2.4.10 release notes

Release date: 12 May, 2014

Here is the full list of fixed issues in 2.4.10.

Security issues

  • MSA-14-0014 Cross-site request forgery possible in Assignment
  • MSA-14-0015 Web service token expiry issue for MoodleMobile
  • MSA-14-0016 Anonymous student identity revealed in Assignment
  • MSA-14-0017 File access issue in HTML block
  • MSA-14-0019 Reflected XSS in URL downloader repository

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.4.10_release_notes&oldid=44847"
Powered by MediaWiki