Revisions of moodle1
Jigish Gohil (cyberorg)
committed
(revision 13)
Lars Vogdt (lrupp)
committed
(revision 11)
- update to 1.9.18:
+ A number of security related issues were resolved. Details of
these issues will be released after a period of approximately
one week to allow system administrators to safely update to the
latest version.
- updated language packs
Lars Vogdt (lrupp)
committed
(revision 10)
- update to 1.9.17:
+ MDL-31248 Change to RC4 encryption is now backwards compatible -
Note: all users will need to log in to set a new cookie after
this update
+ MDL-31213 Problem with new password form was fixed
- updated language packs
Lars Vogdt (lrupp)
committed
(revision 9)
- update to 1.9.16:
+ A number of security related issues were resolved!
+ MDL-19147 - Single Simple forums are no longer targets for
moving (and losing) discussions
+ MDL-30273 - Students and teachers can add additional topics to
a simple forum discussion
+ MDL-20198 - Groups-Groupings access to Wiki fixed for Grouping only
+ MDL-20188 - Feedback retrival of scales in gradebook fixed
+ MDL-26421 - Error removed from German wiki help
Lars Vogdt (lrupp)
committed
(revision 8)
- update to 1.9.14:
+ MSA-11-0031 - Forms API constant issue
+ MSA-11-0032 - MNET SSL validation issue
+ MSA-11-0036 - Messaging refresh vulnerability
+ MSA-11-0037 - Course section editing injection vulnerability
+ MSA-11-0038 - Database injection protection strengthened
+ MSA-11-0040 - Potential personal information leak
+ MDL-27174 - Automated backups succeed when assignment has
instance of zero
+ MDL-4561 - Metacourses allow guest access with an enrolment key
- updated language packages
- moved the moodle datadirectory outside of the webserver root
to /srv/moodle1data to increase security
Lars Vogdt (lrupp)
committed
(revision 7)
- update to 1.9.13:
+ MDL-27717 - Problem with language packs causing incorrect
amounts to be sent to Authorize.net - fixed
+ MDL-27695 - Moodle Docs links fixed to point to correct
version of docs
+ MDL-27638 - Assignment Module Submissions SQL avoid overflow
+ MDL-27577 - Timestamp and timezone fixes
+ MSA-11-0020 Continue links in error messages can lead offsite
+ MSA-11-0024 Recaptcha images were being authenticated from an
older server
+ MSA-11-0025 Group names in user upload CSV not being escaped
+ MSA-11-0026 Fields in user upload CSV not being escaped
- also provide old locale packages
- final move to moodle1 package also in README and configs
- updated some language packs
Lars Vogdt (lrupp)
committed
(revision 2)
- update to 1.9.11:
+ MDL-16336 - HTML editor doesn't appear in Google Chrome
+ MDL-22970 - Glossary import displays too many items in
recent activity
+ MDL-21001 - Range column no longer displayed
+ MDL-24699 - update_user_record function does not specify
mnethostid when updating the user table
+ MDL-14934 - Reports/logs download in Excel format shows wrong time
+ MSA-11-0002 Cross-site request forgery vulnerability in RSS block
+ MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete
+ MSA-11-0008 IMS enterprise enrolment file may disclose
sensitive information
- renamed the package to moodle1 to allow dual installation of
old version 1.x and new version 2.x in parallel
- update to 1.9.10 (bnc #650155):
+ this update fixes the following security incidents:
++ CVE-2010-4207, CVE-2010-4208, CVE-2010-4209:
Cross-site scripting (XSS) vulnerability in the Flash
component infrastructure
+ Multiple phpCAS library vulnerabilities
+ Customised HTML Purifier upgraded to 4.2.0
- upgraded language packs as the new version comes with more and/or
changed (translated) text
- update to 1.9.9:
MSA-10-0010 - Persistent Cross Site Scripting vulnerability in the
MNET access control interface
MSA-10-0011 - Cross Site Scripting vulnerability in blog/index.php
MSA-10-0012 - KSES Security Filter Bypassing vulnerability
Lars Vogdt (lrupp)
committed
(revision 1)
osc copypac from project:Education package:moodle revision:31
Displaying all 14 revisions
