Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Moodle 3.5.16 release notes: Difference between revisions

From MoodleDocs
m (released)
Line 18: Line 18:
   
   
==Security issues==
==Security issues==
* [https://moodle.org/mod/forum/discuss.php?d=417168 MSA-21-0003] Client side denial of service via personal message
Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
* [https://moodle.org/mod/forum/discuss.php?d=417170 MSA-21-0004] Stored XSS possible via TeX notation filter
* [https://moodle.org/mod/forum/discuss.php?d=417171 MSA-21-0005] Arbitrary PHP code execution by site admins via Shibboleth configuration
 
==See also==
==See also==
*[[Moodle 3.5.15 release notes]]
*[[Moodle 3.5.15 release notes]]

Revision as of 07:36, 25 January 2021

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.5.16 release notes

Release date: 18 January 2021

Here is the full list of fixed issues in 3.5.16.

For developers

  • MDL-70265 - Reduce the number of phpunit runs in core's .travis.yml
  • MDL-70276 - Add support for github actions to moodle.git
  • MDL-70148 - Write new keyboard steps for Behat

Backported bug fixes

  • MDL-68896 - SCORM error in Chrome because of "XHR in page dismissal" policy change

Security issues

  • MSA-21-0003 Client side denial of service via personal message
  • MSA-21-0004 Stored XSS possible via TeX notation filter
  • MSA-21-0005 Arbitrary PHP code execution by site admins via Shibboleth configuration

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Moodle_3.5.16_release_notes&oldid=58233"
Powered by MediaWiki