Moodle 2.4.1 release notes: Difference between revisions
From MoodleDocs
Sarifun Nari (talk | contribs) |
(Adding security issues (with bullets)) |
||
(2 intermediate revisions by 2 users not shown) | |||
Line 19: | Line 19: | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=220157 MSA-13-0001] - Security issue in Google Spellchecker in TinyMCE | |||
* [https://moodle.org/mod/forum/discuss.php?d=220158 MSA-13-0002] - Capability issue with Outcome editing | |||
* [https://moodle.org/mod/forum/discuss.php?d=220160 MSA-13-0003] - Potential server file access through backup restoration | |||
* [https://moodle.org/mod/forum/discuss.php?d=220161 MSA-13-0004] - Information leak through activity report | |||
* [https://moodle.org/mod/forum/discuss.php?d=220162 MSA-13-0005] - Potential phishing attack through URL redirects | |||
* [https://moodle.org/mod/forum/discuss.php?d=220163 MSA-13-0006] - Potential information leak in Assignment module | |||
* [https://moodle.org/mod/forum/discuss.php?d=220164 MSA-13-0007] - Potential exploit in messaging | |||
* [https://moodle.org/mod/forum/discuss.php?d=220165 MSA-13-0008] - Information leak through Blog RSS | |||
* [https://moodle.org/mod/forum/discuss.php?d=220166 MSA-13-0009] - Information leak through Blog RSS | |||
* [https://moodle.org/mod/forum/discuss.php?d=220167 MSA-13-0010] - Failure to check capabilities in calendar | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 02:13, 21 January 2013
Releases > Moodle 2.4.1 release notes
Release date: 14 January 2013
Here is the full list of fixed issues in 2.4.1.
Highlights
- MDL-32880 - Make 1.9 blocks restorable in 2.3 onwards
- MDL-34791 - Activity quick title edit updates name in gradebook
- MDL-35653 - Wiki module works if you activate the force format option
API changes
- MDL-30700 - There is a new function "text_sorting($columnname)" for the class flexible_table which allows you to specify which columns are of type "text" so they can be sorted correctly in all databases.
- MDL-35593 - core_webservice_get_site_info returns version number as PARAM_TEXT
- MDL-30961 - get_course_contents web service's name value is now PARAM_RAW
Security issues
- MSA-13-0001 - Security issue in Google Spellchecker in TinyMCE
- MSA-13-0002 - Capability issue with Outcome editing
- MSA-13-0003 - Potential server file access through backup restoration
- MSA-13-0004 - Information leak through activity report
- MSA-13-0005 - Potential phishing attack through URL redirects
- MSA-13-0006 - Potential information leak in Assignment module
- MSA-13-0007 - Potential exploit in messaging
- MSA-13-0008 - Information leak through Blog RSS
- MSA-13-0009 - Information leak through Blog RSS
- MSA-13-0010 - Failure to check capabilities in calendar
Fixes and improvements
- MDL-36680 - Overview report now gives correct course total by not including hidden item grades
- MDL-37165 - Assignment summary displays on Oracle
- MDL-36963 - Automatic updates deployer needs checks directory permissions