Moodle 2.4.9 release notes: Difference between revisions
From MoodleDocs
(Adding issues) |
(Adding security release notes) |
||
Line 9: | Line 9: | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=256416 MSA-14-0004] Incorrect filtering in Quiz | |||
* [https://moodle.org/mod/forum/discuss.php?d=256417 MSA-14-0005] Access issue in Feedback activity | |||
* [https://moodle.org/mod/forum/discuss.php?d=256418 MSA-14-0006] Capability issue in Chat | |||
* [https://moodle.org/mod/forum/discuss.php?d=256419 MSA-14-0007] Access issue in Wiki | |||
* [https://moodle.org/mod/forum/discuss.php?d=256420 MSA-14-0008] Cross site scripting potential in Flowplayer | |||
* [https://moodle.org/mod/forum/discuss.php?d=256421 MSA-14-0009] Identity information leak in Forum and Quiz | |||
* [https://moodle.org/mod/forum/discuss.php?d=256422 MSA-14-0010] Identity information leak in Alfresco Repository | |||
* [https://moodle.org/mod/forum/discuss.php?d=256423 MSA-14-0011] Cross site request forgery potential in IMS enrolments | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 04:56, 17 March 2014
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.4.9 release notes
Release date: 10 March 2014
Here is the full list of fixed issues in 2.4.9.
Security issues
- MSA-14-0004 Incorrect filtering in Quiz
- MSA-14-0005 Access issue in Feedback activity
- MSA-14-0006 Capability issue in Chat
- MSA-14-0007 Access issue in Wiki
- MSA-14-0008 Cross site scripting potential in Flowplayer
- MSA-14-0009 Identity information leak in Forum and Quiz
- MSA-14-0010 Identity information leak in Alfresco Repository
- MSA-14-0011 Cross site request forgery potential in IMS enrolments
Fixes and improvements
- MDL-44018 - Variant field of question_attempts is backed up by Moodle backup
- MDL-43306 - Backup no longer introduces duplicate gradeitem sortorders when restoring