Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 3.1.16 release notes: Difference between revisions

From MoodleDocs
mNo edit summary
m (Protected "Moodle 3.1.16 release notes": Developer Docs Migration ([Edit=Allow only administrators] (indefinite)))
 
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Template:Migrated|newDocId=/general/releases/3.1/3.1.16}}
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p>
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p>


Line 14: Line 15:
===Security issues===
===Security issues===
   
   
Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=381228 MSA-19-0001] Manage groups capability was missing the XSS risk flag
 
* [https://moodle.org/mod/forum/discuss.php?d=381229 MSA-19-0002] A blind SSRF risk was patched in /badges/mybackpack.php
* [https://moodle.org/mod/forum/discuss.php?d=381230 MSA-19-0003] User full name is now escaped in the un-linked userpix page
 
==See also==
==See also==
*[[Moodle 3.1.15 release notes]]
*[[Moodle 3.1.15 release notes]]

Latest revision as of 09:08, 25 May 2022

Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.1.16 release notes

Release date: 14 January 2019

Here is the full list of fixed issues in 3.1.16.

Fixes and improvements

  • MDL-63994 - CAS authentication fixed
  • MDL-49651 - Hidden courses no longer send forum notifications to participants

Security issues

  • MSA-19-0001 Manage groups capability was missing the XSS risk flag
  • MSA-19-0002 A blind SSRF risk was patched in /badges/mybackpack.php
  • MSA-19-0003 User full name is now escaped in the un-linked userpix page

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_3.1.16_release_notes&oldid=62969"
Powered by MediaWiki