Moodle 3.11.5 release notes: Difference between revisions

Latest revision as of 09:08, 25 May 2022

Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

Releases > Moodle 3.11.5 release notes

Release date: 17 January 2022

Here is the full list of fixed issues in 3.11.5.

General fixes and improvements

MDL-68944 - Workshop skips scheduled allocation
MDL-69467 - H5P attempts not recorded when multiple users have same email address
MDL-69496 - mod_quiz: Or all available attempts completed setting value lost
MDL-68773 - Adhoc tasks for backup and restore are stuck in endless fail delay loop
MDL-59115 - OAuth2 does not pass in all user mapped settings into new account
MDL-72796 - retry interval in milliseconds for redis session cache is far too high
MDL-72791 - Custom course field content for new course not found in global search
MDL-72443 - SVG files do not support the preview mode
MDL-72716 - You should not be able to add more than one instance of most blocks to your Dashboard
MDL-72925 - Forum grading separate group filter shows discussion topics in the other groups
MDL-73414 - Impossible to turn on only "Enable web services" from site admin page
MDL-73189 - File upload limits not always enforced if there are many simultaneous uploads in progress
MDL-69061 - Lack of files reported during upgrade to 3.9 when $CFG->admin differs from 'admin'
MDL-73046 - HTML5 video in the mediaplugin fails when using .MOV files
MDL-72988 - PHP Notices detected in web server logs (mod_lti)
MDL-72966 - File upload: Uncaught TypeError from JavaScript when uploading a single file
MDL-73195 - mod_url: Error makes course/view.php unreachable if an invalid URL is saved
MDL-73207 - $CFG->scheduled_tasks has incorrect order for dayofweek and months in cron spec
MDL-72701 - Expand unit test coverage defaults
MDL-73128 - Image caption warning for external badges
MDL-73155 - Essay qtype: Error message is displayed when Allow attachments field is reset to 'No'
MDL-73256 - Disabling "Require email verification" doesn't persist properly the first time
MDL-73086 - User profile fields are broken when having uppercase in shortname
MDL-73153 - External badge image not displayed in some cases
MDL-72992 - Cannot enter feedback from grader report when feedback was previously deleted from assign grader
MDL-72785 - Can't delete course category
MDL-73176 - JS exception filtering course participants for keyword containing quotes
MDL-73402 - Admin bookmarks block is too aggressive at cleaning bookmarked section
MDL-72870 - Quiz attempt navigation buttons misaligned
MDL-73039 - Double encoding of site/course name in course download
MDL-73140 - Badly formatted lists in the grade history report
MDL-72982 - Data request email breaks organisation signature
MDL-61671 - Admin mobile certificate check can return errors on valid certificate
MDL-72789 - Improve filtering by component in eventlist report
MDL-72908 - Purge all caches only purges the selected cache if selected
MDL-73074 - Course autocomplete duplicated in report condition/filter
MDL-73255 - User Participants filter leaves invalid group filter row if no groups are present

Accessibility improvements

MDL-70274 - The WCAG (cynthia.exe) validator links in the footer is no longer available
MDL-73026 - Focus outline for modal close button is clipped and has insufficient colour contrast
MDL-70721 - Need a Mustache helper method for html entities
MDL-73142 - File extension in Essay accepted file type list is failing accessibility color contrast limits

For developers

MDL-73175 - Add behat generators for glossary entries and categories
MDL-73202 - Add behat generators for forum discussions and posts
MDL-72846 - Create default block generator for testing
MDL-73269 - Add PHP version and required/optional extensions to composer.json

Security improvements

MDL-72096 - New helper function for cleaning SQL ORDER BY clauses
MDL-73295 - sesskey is exposed in url for /user/managetoken.php

Security fixes

MSA-22-0001 SQL injection risk in code fetching h5p activity user attempts
MSA-22-0002 calendar:manageentries capability allows CRUD access to all calendar events
MSA-22-0003 Capability gradereport/user:view not always respected when navigating to a user's course grade report
MSA-22-0004 CSRF risk in badge alignment deletion

@@ Line 1: / Line 1: @@
+{{Template:Migrated|newDocId=/general/releases/3.11/3.11.5}}
 [[Releases]] > {{FULLPAGENAME}}
-Release date: Not yet released - scheduled for 17 January 2022
+Release date: 17 January 2022
 Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%223.11.5%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 3.11.5].
@@ Line 63: / Line 64: @@
 ==Security fixes==
-Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
+* [https://moodle.org/mod/forum/discuss.php?d=431099 MSA-22-0001] SQL injection risk in code fetching h5p activity user attempts
+* [https://moodle.org/mod/forum/discuss.php?d=431100 MSA-22-0002] calendar:manageentries capability allows CRUD access to all calendar events
+* [https://moodle.org/mod/forum/discuss.php?d=431102 MSA-22-0003] Capability gradereport/user:view not always respected when navigating to a user's course grade report
+* [https://moodle.org/mod/forum/discuss.php?d=431103 MSA-22-0004] CSRF risk in badge alignment deletion
 ==See also==

Documentation