Moodle 2.3.8 release notes: Difference between revisions
From MoodleDocs
(Adding issues) |
(Adding security issues) |
||
Line 9: | Line 9: | ||
===Security issues=== | ===Security issues=== | ||
A number of security related issues were resolved. | A number of security related issues were resolved. | ||
* [https://moodle.org/mod/forum/discuss.php?d=232496 MSA-13-0025] XSS vulnerability in YUI library | |||
* [https://moodle.org/mod/forum/discuss.php?d=232497 MSA-13-0026] Personal information leak in IMS-LTI | |||
* [https://moodle.org/mod/forum/discuss.php?d=232498 MSA-13-0027] Access issue in Chat module | |||
* [https://moodle.org/mod/forum/discuss.php?d=232500 MSA-13-0028] Answer information revealed in Lesson activity | |||
* [https://moodle.org/mod/forum/discuss.php?d=232502 MSA-13-0030] Information leak through RSS | |||
* [https://moodle.org/mod/forum/discuss.php?d=232503 MSA-13-0031] Personal information leak in Feedback activity | |||
===Fixes and improvements=== | ===Fixes and improvements=== | ||
Revision as of 01:41, 15 July 2013
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.3.8 release notes
Release date: 8 July 2013
Here is the full list of fixed issues in 2.3.8.
Security issues
A number of security related issues were resolved.
- MSA-13-0025 XSS vulnerability in YUI library
- MSA-13-0026 Personal information leak in IMS-LTI
- MSA-13-0027 Access issue in Chat module
- MSA-13-0028 Answer information revealed in Lesson activity
- MSA-13-0030 Information leak through RSS
- MSA-13-0031 Personal information leak in Feedback activity
Fixes and improvements
- MDL-39363 - SCORM pass/fail status is set for a grade of 0.
- MDL-39177 - Overwriting files always observes the "alias" attribute.
- MDL-33719 - When overwriting a copy of a file with an alias/shortcut of a file, the file thumbnail is refreshed.
- MDL-40142 - No JavaScript error is caused by the navigation block in relation to course categories.
- MDL-39512 - The manual graded question behaviour has been disabled by default.