Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 3.4.8 release notes: Difference between revisions

From MoodleDocs
(Release is released.)
m (Protected "Moodle 3.4.8 release notes": Developer Docs Migration ([Edit=Allow only administrators] (indefinite)))
 
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Template:Migrated|newDocId=/general/releases/3.4/3.4.8}}
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p>
<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p>


Line 16: Line 17:
===Security issues===
===Security issues===
   
   
Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=384010 MSA-19-0004] "Log in as" functionality exposed to JavaScript risk on other users' Dashboards
 
* [https://moodle.org/mod/forum/discuss.php?d=384011 MSA-19-0005] Logged in users could view all calendar events
* [https://moodle.org/mod/forum/discuss.php?d=384012 MSA-19-0006] Users could elevate their role when accessing the LTI tool on a provider site
* [https://moodle.org/mod/forum/discuss.php?d=384013 MSA-19-0007] Stored HTML in assignment submission comments allowed links to be opened directly
 
==See also==
==See also==
*[[Moodle 3.4.7 release notes]]
*[[Moodle 3.4.7 release notes]]

Latest revision as of 09:09, 25 May 2022

Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.4.8 release notes

Release date: 11 March 2019

Here is the full list of fixed issues in 3.4.8.

Fixes and improvements

  • MDL-63892 - Last post date and time shown correctly on forum page
  • MDL-64652 - Data export performance improvement
  • MDL-64971 - get_with_capability_join, get_users_by_capability, assign/unassign_capability now check the capability exists
  • MDL-64799 - Exponential question growth prevented when duplicating quizzes

Security issues

  • MSA-19-0004 "Log in as" functionality exposed to JavaScript risk on other users' Dashboards
  • MSA-19-0005 Logged in users could view all calendar events
  • MSA-19-0006 Users could elevate their role when accessing the LTI tool on a provider site
  • MSA-19-0007 Stored HTML in assignment submission comments allowed links to be opened directly

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_3.4.8_release_notes&oldid=63029"
Powered by MediaWiki