Moodle 2.3.10 release notes: Difference between revisions
From MoodleDocs
m (Added link to spanish translation of page) |
(Adding security release notes) |
||
Line 9: | Line 9: | ||
===Security issues=== | ===Security issues=== | ||
* [https://moodle.org/mod/forum/discuss.php?d=244479 MSA-13-0036] Incorrect headers sent for secured resources | |||
* [https://moodle.org/mod/forum/discuss.php?d=244480 MSA-13-0037] Cross site scripting in Messages | |||
* [https://moodle.org/mod/forum/discuss.php?d=244481 MSA-13-0038] Access to server files through repository | |||
* [https://moodle.org/mod/forum/discuss.php?d=244482 MSA-13-0039] Cross site scripting in Quiz | |||
* [https://moodle.org/mod/forum/discuss.php?d=244483 MSA-13-0040] Cross site scripting vulnerability in YUI library | |||
===Fixes and improvements=== | ===Fixes and improvements=== |
Revision as of 00:44, 25 November 2013
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.3.10 release notes
Release date: 14 November 2013
Here is the full list of fixed issues in 2.3.10.
Security issues
- MSA-13-0036 Incorrect headers sent for secured resources
- MSA-13-0037 Cross site scripting in Messages
- MSA-13-0038 Access to server files through repository
- MSA-13-0039 Cross site scripting in Quiz
- MSA-13-0040 Cross site scripting vulnerability in YUI library
Fixes and improvements
- MDL-36818 - Setting for CURLOPT_SSL_VERIFYHOST in CAS fixed.