Moodle 3.8.6 release notes: Difference between revisions
From MoodleDocs
| Line 45: | Line 45: | ||
==Security fixes== | ==Security fixes== | ||
* [https://moodle.org/mod/forum/discuss.php?d=413935 MSA-20-0016] Teacher is able to unenrol users without permission using course restore | |||
* [https://moodle.org/mod/forum/discuss.php?d=413936 MSA-20-0017] Privilege escalation within a course when restoring role overrides | |||
* [https://moodle.org/mod/forum/discuss.php?d=413938 MSA-20-0018] Some database module web services did not respect group settings | |||
* [https://moodle.org/mod/forum/discuss.php?d=413939 MSA-20-0019] tool_uploadcourse creates new enrol instances unexpectedly in some circumstances | |||
* [https://moodle.org/mod/forum/discuss.php?d=413941 MSA-20-0021] The participants table download feature did not respect the site's "show user identity" configuration | |||
==See also== | ==See also== | ||
*[[Moodle 3.8.5 release notes]] | *[[Moodle 3.8.5 release notes]] | ||
Revision as of 09:23, 16 November 2020
This version of Moodle is no longer supported for general bug fixes. You are encouraged to upgrade to a supported version of Moodle.
Releases > Moodle 3.8.6 release notes
Release date: 9 November 2020
Here is the full list of fixed issues in 3.8.6.
General fixes and improvements
- MDL-68722 - Atto Equation Editor Symbols missing
- MDL-68070 - Messaging breaks when "Personal messages between users" is disabled
- MDL-68900 - Attempting to grade forums outside of their display period causes invalid response value error
- MDL-65792 - Timed/Scheduled Posts are displaying create/modified time instead of release time
- MDL-69667 - Competencies count always 0 in competencyframeworks
- MDL-69772 - Incorrect 'allcountrycodes' field prevents country selection during registration
- MDL-69641 - Fix Course gradebook slow query due to cross join on full user table (backport of MDL-69190)
- MDL-62387 - Cohort sync dropdown contains redundant entries
- MDL-69342 - 'Delete picture' checkbox deletes also the new profile picture when editing profile
- MDL-69359 - Add option to show only contributed plugins in uninstall script (backport of MDL-69260)
- MDL-67654 - Forum inline reply does not use formchangechecker
- MDL-69791 - Grader report doesn't show an error message when an invalid grade is entered in AJAX mode
- MDL-69818 - Restoring a feedback activity doesn't restore item dependency
- MDL-67650 - Forced $CFG config checkbox, select, textarea are not disabled in GUI
- MDL-68438 - Changing notification email format fails if messaging is disabled
- MDL-68284 - Locking invisible quiz in gradebook setup makes it visible (but only on gradebook setup page)
- MDL-69805 - Database activity shows the comments option even if comments are disabled at site level
Accessibility improvements
- MDL-65074 - Quiz navigation buttons use part of btn-secondary styles, can disappear
- MDL-70004 - Invalid role attribute in the label for the "Clear my choice" option
- MDL-69392 - Colour contrast issues in quiz
- MDL-68766 - Login form: "Log in using your account on:" should be h3, not h6
- MDL-69395 - Insufficient colour contrast between form control borders and background
- MDL-69649 - Missing labels in restore page
For developers
- MDL-52407 - Travis: Start sending e-mail notifications
Security improvements
- MDL-68292 - admin/modules.php exposes CSRF token (sesskey) in url
- MDL-69014 - User preferences not removed when tours are deleted
- MDL-69807 - Editing a block exposes the CSRF token (sesskey) in the url
Security fixes
- MSA-20-0016 Teacher is able to unenrol users without permission using course restore
- MSA-20-0017 Privilege escalation within a course when restoring role overrides
- MSA-20-0018 Some database module web services did not respect group settings
- MSA-20-0019 tool_uploadcourse creates new enrol instances unexpectedly in some circumstances
- MSA-20-0021 The participants table download feature did not respect the site's "show user identity" configuration
