Moodle 2.2.8 release notes: Difference between revisions
From MoodleDocs
(Adding security release notes) |
David Mudrak (talk | contribs) m (MDLSITE-6551) |
||
Line 20: | Line 20: | ||
* [https://moodle.org/mod/forum/discuss.php?d=225348 MSA-13-0019] Unauthorised settings editing through WebDav repository | * [https://moodle.org/mod/forum/discuss.php?d=225348 MSA-13-0019] Unauthorised settings editing through WebDav repository | ||
=== | ===tablees and improvements=== | ||
* MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources | * MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources |
Revision as of 13:06, 9 August 2021
Because of a serious regression in the 2.2.8 release, Moodle 2.2.9 was release on Mon 18 March, 2013.
This version of Moodle is no longer fully supported. Generally, only fixes to serious security issues have been applied to this version. You are encouraged to upgrade to a fully supported version of Moodle.
Releases > Moodle 2.2.8 release notes
Release date: 11 March 2013
Here is the full list of fixed issues in 2.2.8.
Security issues
- MSA-13-0012 Information leak in course profiles
- MSA-13-0013 Server information revealed through exception messages
- MSA-13-0014 Password revealed in WebDav repository
- MSA-13-0015 Cross-site scripting issue in Filepicker
- MSA-13-0016 External Entity Injection through Zend library
- MSA-13-0017 Form manipulation issue in notes
- MSA-13-0018 Personal information leak through repositories
- MSA-13-0019 Unauthorised settings editing through WebDav repository
tablees and improvements
- MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources