Moodle 2.5.8 release notes: Difference between revisions

Revision as of 00:33, 15 September 2014

This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.

Releases > Moodle 2.5.8 release notes

Release date: 8 September, 2014

Here is the full list of fixed issues in 2.5.8.

Security issues

MSA-14-0033 URL parameter injection in CAS authentication
MSA-14-0034 Identity information revealed early in Q&A forum

@@ Line 1: / Line 1: @@
+<p class="note">'''This version of Moodle is no longer fully supported.''' Generally, only fixes to serious security issues have been applied to this version. You are encouraged to [[:en:Upgrading|upgrade]] to a fully supported version of Moodle.</p>
 [[Releases]] > {{FULLPAGENAME}}
@@ Line 7: / Line 9: @@
 ===Security issues===
-A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
+* [https://moodle.org/mod/forum/discuss.php?d=269590 MSA-14-0033] URL parameter injection in CAS authentication
+* [https://moodle.org/mod/forum/discuss.php?d=269591 MSA-14-0034] Identity information revealed early in Q&A forum
 ==See also==

Documentation

Moodle 2.5.8 release notes: Difference between revisions

Revision as of 00:33, 15 September 2014

Security issues

See also