Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.6.4 release notes

From MoodleDocs
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

Releases > Moodle 2.6.4 release notes

Release date: 14 July, 2014

Here is the full list of fixed issues in 2.6.4.

Highlights

  • MDL-41383 - File picker works when zooming in and out of browser
  • MDL-45580 - PDF Annotations working with multiple attempts

API changes

  • MDL-43669 - Configuration option added so that mail can be sent from noreply address exclusively

Security issues

  • MSA-14-0021 Code injection in Repositories
  • MSA-14-0022 XML External Entity vulnerability in LTI module
  • MSA-14-0023 XML External Entity vulnerability in IMSCC and IMSCP
  • MSA-14-0024 Cross-site scripting vulnerability in profile field
  • MSA-14-0025 Remote code execution in Quiz
  • MSA-14-0026 Information leak in profile and notes pages
  • MSA-14-0027 Forum group posting issue
  • MSA-14-0028 Cross-site scripting possible in external badges
  • MSA-14-0029 Cross-site scripting vulnerability in exception dialogues
  • MSA-14-0032 Cross-site scripting in advanced grading methods

Fixes and improvements

  • MDL-45579 - Duplicate group enrolment keys for the same course are no longer allowed
  • MDL-43848 - New message popup no longer shows sender or contents of message

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.6.4_release_notes&oldid=62902"
Powered by MediaWiki