Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 2.7.10 release notes: Difference between revisions

From MoodleDocs
No edit summary
Line 9: Line 9:
===Security issues===
===Security issues===
   
   
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=320287 MSA-15-0030] Students can re-attempt answering questions in the lesson
* [https://moodle.org/mod/forum/discuss.php?d=320288 MSA-15-0031] Teacher in forum can still post to "all participants" and groups they are not members of
* [https://moodle.org/mod/forum/discuss.php?d=320289 MSA-15-0032] Users can delete files uploaded by other users in wiki
* [https://moodle.org/mod/forum/discuss.php?d=320290 MSA-15-0033] Meta course synchronisation enrols suspended students as managers for a short period of time
* [https://moodle.org/mod/forum/discuss.php?d=320291 MSA-15-0034] Vulnerability in password recovery mechanism
* [https://moodle.org/mod/forum/discuss.php?d=320292 MSA-15-0035] Rating component does not check separate groups
* [https://moodle.org/mod/forum/discuss.php?d=320293 MSA-15-0036] XSS in grouping description


===Fixes and improvements===
===Fixes and improvements===

Revision as of 01:48, 21 September 2015

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 2.7.10 release notes

Release date: 14 September 2015

Here is the full list of fixed issues in 2.7.10.

Security issues

  • MSA-15-0030 Students can re-attempt answering questions in the lesson
  • MSA-15-0031 Teacher in forum can still post to "all participants" and groups they are not members of
  • MSA-15-0032 Users can delete files uploaded by other users in wiki
  • MSA-15-0033 Meta course synchronisation enrols suspended students as managers for a short period of time
  • MSA-15-0034 Vulnerability in password recovery mechanism
  • MSA-15-0035 Rating component does not check separate groups
  • MSA-15-0036 XSS in grouping description

Fixes and improvements

  • MDL-51050 - Forms such as "Create new group" are no longer populated with passwords and usernames by the browsers
  • MDL-42670 - Recent activity block no longer shows student name when assignment blind marking is on

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_2.7.10_release_notes&oldid=48518"
Powered by MediaWiki