Moodle 3.5.7 release notes: Difference between revisions

Latest revision as of 09:09, 25 May 2022

Important:

This content of this page has been updated and migrated to the new Moodle Developer Resources. The information contained on the page should no longer be seen up-to-date.

Why not view this page on the new site and help us to migrate more content to the new site!

This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.

Releases > Moodle 3.5.7 release notes

Release date: 8 July 2019

Here is the full list of fixed issues in 3.5.7.

Fixes and improvements

MDL-58315 - Boost theme no longer ignores HTML block custom classes
MDL-65581 - Hidden blocks can once again be unhidden
MDL-65249 - Redis cache store correctly displays exception after failed connections

Security fixes and improvements

Security fixes

MSA-19-0013 Missing sesskey (CSRF) token in loading/unloading XML files
MSA-19-0014 Ability to delete glossary entries that belong to another glossary
MSA-19-0015 Quiz group overrides did not observe groups membership or accessallgroups
MSA-19-0016 Assignment group overrides did not observe separate groups mode
MSA-19-0017 Upgrade TCPDF library for PHP 7.3 and bug fixes (upstream)

Security improvements

The following bug fixes or improvements were made, which contribute to improving security or privacy best practices:

MDL-60347 - SMTP debugging now also requires developer level debugging messages to be enabled before being displayed. Although SMTP debugging is not intended for production site use, this provides an additional fallback measure to prevent verbose debugging from being unintentionally being visible to users.

@@ Line 1: / Line 1: @@
+{{Template:Migrated|newDocId=/general/releases/3.5/3.5.7}}
+<p class="note">'''This version of Moodle is no longer supported for general bug fixes.''' You are encouraged to [[:en:Upgrading|upgrade]] to a supported version of Moodle.</p>
 [[Releases]] > {{FULLPAGENAME}}
-Release date: Not yet released - scheduled for 8 July 2019
+Release date: 8 July 2019
 Here is [https://tracker.moodle.org/secure/IssueNavigator!executeAdvanced.jspa?jqlQuery=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%223.5.7%22%29+ORDER+BY+priority+DESC&runQuery=true&clear=true the full list of fixed issues in 3.5.7].
@@ Line 10: / Line 13: @@
 * MDL-65581 - Hidden blocks can once again be unhidden
 * MDL-65249 - Redis cache store correctly displays exception after failed connections
-* MDL-60347 - SMTP debugging no longer displayed for lower debugging output levels
-===Security issues===
-Details of any security issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
+===Security fixes and improvements===
+====Security fixes====
+* [https://moodle.org/mod/forum/discuss.php?d=388567 MSA-19-0013] Missing sesskey (CSRF) token in loading/unloading XML files
+* [https://moodle.org/mod/forum/discuss.php?d=388568 MSA-19-0014] Ability to delete glossary entries that belong to another glossary
+* [https://moodle.org/mod/forum/discuss.php?d=388569 MSA-19-0015] Quiz group overrides did not observe groups membership or accessallgroups
+* [https://moodle.org/mod/forum/discuss.php?d=388570 MSA-19-0016] Assignment group overrides did not observe separate groups mode
+* [https://moodle.org/mod/forum/discuss.php?d=388571 MSA-19-0017] Upgrade TCPDF library for PHP 7.3 and bug fixes (upstream)
+====Security improvements====
+The following bug fixes or improvements were made, which contribute to improving security or privacy best practices:
+* MDL-60347 - SMTP debugging now also requires developer level debugging messages to be enabled before being displayed. Although SMTP debugging is not intended for production site use, this provides an additional fallback measure to prevent verbose debugging from being unintentionally being visible to users.
 ==See also==
 *[[Moodle 3.5.6 release notes]]

Documentation