Moodle 2.4.5 release notes: Difference between revisions
From MoodleDocs
(Adding issues) |
(Adding security issues) |
||
Line 7: | Line 7: | ||
===Security issues=== | ===Security issues=== | ||
A number of security related issues were resolved. | A number of security related issues were resolved. | ||
* [https://moodle.org/mod/forum/discuss.php?d=232496 MSA-13-0025] XSS vulnerability in YUI library | |||
* [https://moodle.org/mod/forum/discuss.php?d=232497 MSA-13-0026] Personal information leak in IMS-LTI | |||
* [https://moodle.org/mod/forum/discuss.php?d=232498 MSA-13-0027] Access issue in Chat module | |||
* [https://moodle.org/mod/forum/discuss.php?d=232500 MSA-13-0028] Answer information revealed in Lesson activity | |||
* [https://moodle.org/mod/forum/discuss.php?d=232501 MSA-13-0029] XSS risk in conditional activities | |||
* [https://moodle.org/mod/forum/discuss.php?d=232502 MSA-13-0030] Information leak through RSS | |||
* [https://moodle.org/mod/forum/discuss.php?d=232503 MSA-13-0031] Personal information leak in Feedback activity | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 01:40, 15 July 2013
Releases > Moodle 2.4.5 release notes
Release date: 8 July 2013
Here is the full list of fixed issues in 2.4.5.
Security issues
A number of security related issues were resolved.
- MSA-13-0025 XSS vulnerability in YUI library
- MSA-13-0026 Personal information leak in IMS-LTI
- MSA-13-0027 Access issue in Chat module
- MSA-13-0028 Answer information revealed in Lesson activity
- MSA-13-0029 XSS risk in conditional activities
- MSA-13-0030 Information leak through RSS
- MSA-13-0031 Personal information leak in Feedback activity
Fixes and improvements
- MDL-39673 - Stylesheet problems with large sheets in IE were fixed.
- MDL-39363 - SCORM pass/fail status is set for a grade of 0.
- MDL-39177 - Overwriting files always observes the "alias" attribute.
- MDL-33719 - When overwriting a copy of a file with an alias/shortcut of a file, the file thumbnail is refreshed.
- MDL-40142 - No JavaScript error is caused by the navigation block in relation to course categories.
- MDL-39512 - The manual graded question behaviour has been disabled by default.