Moodle 2.6.10 release notes: Difference between revisions
From MoodleDocs
(Created page with "<p class="note">'''This version of Moodle is no longer supported.''' You are encouraged to upgrade to a supported version of Moodle.</p> Releases > {{FU...") |
David Mudrak (talk | contribs) m (Reverted edits by Mudrd8mz (talk) to last revision by Marina Glancy) Tag: Rollback |
||
| (5 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
[[Releases]] > {{FULLPAGENAME}} | [[Releases]] > {{FULLPAGENAME}} | ||
2.6.10 release date: Tuesday, 10 March 2015 | |||
This page also covers issues resolved in 2.6.9, released on Monday, 9 March 2015 | |||
Here is [https://tracker.moodle.org/ | Here is [https://tracker.moodle.org/issues/?jql=project%20%3D%20mdl%20AND%20resolution%20%3D%20fixed%20AND%20fixVersion%20in%20%28%222.6.9%22%2C%20%222.6.10%22%29%20ORDER%20BY%20priority%20DESC&runQuery=true&clear=true the full list of fixed issues in 2.6.9 and 2.6.10]. | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=307380 MSA-15-0010] Personal contacts and number of unread messages can be revealed | |||
* [https://moodle.org/mod/forum/discuss.php?d=307381 MSA-15-0011] Authentication in mdeploy can be bypassed | |||
* [https://moodle.org/mod/forum/discuss.php?d=307382 MSA-15-0012] ReDoS Possible with Convert links to URLs filter | |||
* [https://moodle.org/mod/forum/discuss.php?d=307383 MSA-15-0013] Block title not properly escaped and may cause HTML injection | |||
* [https://moodle.org/mod/forum/discuss.php?d=307384 MSA-15-0014] Potential information disclosure for the inaccessible courses | |||
* [https://moodle.org/mod/forum/discuss.php?d=307385 MSA-15-0015] User without proper permission is able to mark the tag as inappropriate | |||
* [https://moodle.org/mod/forum/discuss.php?d=307386 MSA-15-0016] Web services token can be created for user with temporary password | |||
* [https://moodle.org/mod/forum/discuss.php?d=307387 MSA-15-0017] XSS in quiz statistics report | |||
===Fixes and improvements=== | |||
* MDL-49167 - Fixed regression with $CFG->yuislasharguments introduced by previous minor release | |||
==See also== | ==See also== | ||
| Line 17: | Line 30: | ||
[[Category:Moodle 2.6]] | [[Category:Moodle 2.6]] | ||
[[fr:Notes de mise à jour de Moodle 2.6. | [[fr:Notes de mise à jour de Moodle 2.6.10]] | ||
[[es:Notas de Moodle 2.6. | [[es:Notas de Moodle 2.6.10]] | ||
Revision as of 13:14, 9 August 2021
This version of Moodle is no longer supported. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.6.10 release notes
2.6.10 release date: Tuesday, 10 March 2015
This page also covers issues resolved in 2.6.9, released on Monday, 9 March 2015
Here is the full list of fixed issues in 2.6.9 and 2.6.10.
Security issues
- MSA-15-0010 Personal contacts and number of unread messages can be revealed
- MSA-15-0011 Authentication in mdeploy can be bypassed
- MSA-15-0012 ReDoS Possible with Convert links to URLs filter
- MSA-15-0013 Block title not properly escaped and may cause HTML injection
- MSA-15-0014 Potential information disclosure for the inaccessible courses
- MSA-15-0015 User without proper permission is able to mark the tag as inappropriate
- MSA-15-0016 Web services token can be created for user with temporary password
- MSA-15-0017 XSS in quiz statistics report
Fixes and improvements
- MDL-49167 - Fixed regression with $CFG->yuislasharguments introduced by previous minor release
