Moodle 2.7.11 release notes: Difference between revisions
From MoodleDocs
No edit summary |
Dev Docs Bot (talk | contribs) m (Protected "Moodle 2.7.11 release notes": Developer Docs Migration ([Edit=Allow only administrators] (indefinite))) |
||
(4 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Migrated|newDocId=/general/releases/2.7/2.7.11}} | |||
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p> | <p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p> | ||
Line 9: | Line 10: | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=323230 MSA-15-0039] CSRF in site registration form | |||
* [https://moodle.org/mod/forum/discuss.php?d=323231 MSA-15-0040] Student XSS in survey | |||
* [https://moodle.org/mod/forum/discuss.php?d=323232 MSA-15-0041] XSS in flash video player | |||
* [https://moodle.org/mod/forum/discuss.php?d=323233 MSA-15-0042] CSRF in lesson login form | |||
* [https://moodle.org/mod/forum/discuss.php?d=323234 MSA-15-0043] Web service core_enrol_get_enrolled_users does not respect course group mode | |||
* [https://moodle.org/mod/forum/discuss.php?d=323235 MSA-15-0044] Capability to view available badges is not respected | |||
* [https://moodle.org/mod/forum/discuss.php?d=323236 MSA-15-0045] SCORM module allows to bypass access restrictions based on date | |||
* [https://moodle.org/mod/forum/discuss.php?d=323237 MSA-15-0046] Choice module closing date can be bypassed | |||
===Fixes and improvements=== | ===Fixes and improvements=== |
Latest revision as of 09:07, 25 May 2022
Important:
This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date. Why not view this page on the new site and help us to migrate more content to the new site! |
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 2.7.11 release notes
Release date: 9 November 2015
Here is the full list of fixed issues in 2.7.11.
Security issues
- MSA-15-0039 CSRF in site registration form
- MSA-15-0040 Student XSS in survey
- MSA-15-0041 XSS in flash video player
- MSA-15-0042 CSRF in lesson login form
- MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect course group mode
- MSA-15-0044 Capability to view available badges is not respected
- MSA-15-0045 SCORM module allows to bypass access restrictions based on date
- MSA-15-0046 Choice module closing date can be bypassed
Fixes and improvements
- MDL-51083 - Fixed undesired browser password autofilling in several forms (majority of forms were fixed in MDL-45772 in previous release)
- MDL-51190 - Fixed MS Edge locking up when viewing embedded PDF