File moodle3_4.changes of Package moodle3_4
-------------------------------------------------------------------
Wed Nov 21 16:47:24 UTC 2018 - lars@linux-schulserver.de
- update to 3.4.6:
Highlights
+ MDL-62563 - Data deletion of existing deleted users
+ MDL-62558 - Provide a data registry configuration summary (read-only)
+ MDL-63726 - Option to remove the "Data retention summary" link in the footer
+ MDL-62491 - HTML data request export format
+ MDL-63401 - User expiry improvements
+ MDL-63619 - Data purpose and category inheritance improvements
+ MDL-62560 - Different data retention strategies for different roles in a purpose
+ MDL-62554 - Ability to configure data registry to use module type defaults
+ MDL-63818 - Possibility to override repository capabilities in activity contexts
+ MDL-63116 - Data requests bulk actions
+ MDL-63009 - Site mentioned in email notifications of data requests
+ MDL-62904 - Delete account link on profile page
Fixes and improvements
+ MDL-62319 - iOS 11.3 Moodle assignment grading interface fix
+ MDL-62738 - iOS mobile browsers TinyMCE editor fix
+ MDL-63403 - Glossary filter performance improvement
+ MDL-35788 - Edited forum post timestamp fix
+ MDL-63194 - Moving questions between sections in quiz fix
+ MDL-63421 - Environment check for version not supporting PHP 7.3
+ MDL-63542 - Web service core_course_get_course_contents should return stealth activities
+ MDL-63267 - Assignment rubrics should consider the fillings table
+ MDL-62139 - Boost: Gear icon accessibility improvements
+ MDL-63746 - Boost: Gear icon focus improvements
+ MDL-62145 - Boost: custommenuitems accessibility improvements
+ MDL-62144 - Boost: user profile menu accessibility improvements
+ MDL-62920 - Uploading deleted user then adding to cohort ignores the user,
instead of resulting in a fatal error
+ MDL-62960 - Drag and drop of course events should take into account the course start date
Security issues
+ MSA-18-0020 Login CSRF vulnerability in login form
(CVE-2018-16854; bsc#1116913)
- updated language packs
-------------------------------------------------------------------
Tue Nov 6 16:18:03 UTC 2018 - lars@linux-schulserver.de - 3.4.5
- Update to 3.4.5:
Highlights
+ MDL-62799 - tool_dataprivacy plugin merged into 3.4 core
+ MDL-62800 - tool_policy plugin merged into 3.4 core
+ MDL-62660 - Option to set a data request expiry time
+ MDL-57741 - Launch URL for Publish as LTI tool
+ MDL-57977 - Global search allows searching for users by alternate name
Fixes and improvements
+ MDL-60826 - Memory exhaustion error when trying to add/edit calendar event as admin
+ MDL-60874 - Clearer search results in user enrolment
+ MDL-62782 - Users with the capability mod/assign:viewgrades can also i
view uploaded feedback files
+ MDL-62849 - Filemanager: cannot manage files when there are folders
+ MDL-62534 - Empty course sections deleted when upgrading
+ MDL-62600 - Admin is misinformed that there are no data requests
+ MDL-61351 - Shibboleth logout does not handle file sessions correctly
+ MDL-62643 - Online text assignment submissions generate a blank HTML
document for grading when no text is entered
+ MDL-61424 - When token is rejected from moodle.net provide option to unregister
+ MDL-59847 - Behaviour when city/country are hiddenfields and identityfields
at the same time
+ MDL-62965 - User profile fields missing on signup page
+ MDL-62889 - Multiple fixes when redirecting to a URL after clicking on a notification
+ MDL-62989 - Data requests are listed by date requested for users
+ MDL-62896 - Some non-core plugins are missing their Additional label
on the Plugin data registry page
+ MDL-62769 - "Statistics for question positions" graph shows last
shown variant, not stats for overall question
+ MDL-62341 - 'Go back to previous page' link on All policies page
+ MDL-62746 - Boost core_tag modals content layout improvements
+ MDL-45389 - Forum index page alignment improvements
+ MDL-61707 - Pre-signup (minor check) session is not deleted upon signup
Security issues
+ MSA-18-0017 Moodle XML import of ddwtos could lead to intentional
remote code execution
+ MSA-18-0018 QuickForm library remote code vulnerability (upstream)
+ MSA-18-0019 Boost theme - blog search GET parameter insufficiently filtered
- updated language files
-------------------------------------------------------------------
Tue Jul 10 11:13:56 UTC 2018 - lars@linux-schulserver.de - 3.4.4
- update to 3.4.4:
Fixes and improvements
+ MDL-57968 - Multiple unnecessary Messaging AJAX requests
+ MDL-61702 - Can't install Moodle with MariaDB version >= 10.3.1
+ MDL-59047 - Short answer question doesn't display correctly when
using the Boost theme
+ MDL-61189 - Calendar event descriptions not saved when using TinyMCE
+ MDL-62239 - Drag and drop question types broken when using iOS 11.3
+ MDL-51419 - Filename corruption on download when name contains
multibyte chars when using MS Edge
+ MDL-62658 - Notifications are not marked as read when clicked on
+ MDL-62543 - New 'deleted' field for forum posts is used in the
wrong way for RSS feeds
+ MDL-62516 - Request to delete forum data for a user will delete
files of all users
+ MDL-62440 - Participants page exhausts memory with many site-wide
role assignments
+ MDL-62358 - Question rendering API does not support all
'question numbers' that might be needed
+ MDL-60915 - get_recordset methods load entire result set into memory in Postgres
+ MDL-62574 - Database exception when deleting user data from the HTML block
+ MDL-61832 - Editing options disappear after saving a Lesson page in expanded view
+ MDL-56498 - Notifications are not marked as read when clicked in popover
+ MDL-62320 - JSON should be enabled as a file type, as used in data export
+ MDL-62735 - Simple search does not obey global search on/off setting
+ MDL-58702 - Restore role mappings form has no label
+ MDL-61932 - Glossary created via import does not display on the front page
+ MDL-61778 - The online status icon in the messaging interface is a
"play" button instead of a coloured dot
+ MDL-58063 - Unable to access manage files within HTML block on
Page resource when using the Clean theme
+ MDL-61894 - Tag-managing dialog modals have unstyled buttons
+ MDL-62386 - Audio file doesn't display when using HTML5
audio media player
+ MDL-58697 - Assignment: Fixed incorrect "No submission" status if
group submission changed to individual submission
+ MDL-61724 - File resource: Fixed download problem for files with long names
+ MDL-61519 - Performance improvement in Calendar in case of big number
of course categories
+ MDL-55532 - Show grade category name in Grades Export
+ MDL-61714 - GDPR and privacy: Change default age of digital consent
according to current legislation on each country
+ MDL-52989 - Lesson: Fixed regression in cluster navigation
+ MDL-61183 - Display participants count on course participants page
+ MDL-60196 - Display custom external tool icon in activity chooser
+ MDL-61736 - Show self enroled user as inactive when self enrolement
method is disabled
+ MDL-61800 - A bug which led to the failure of some Scheduled Tasks in
certain circmstances has been fixed.
+ MDL-61733 - Database module: Fixed bug with creating tables in
templates using Atto editor
+ MDL-61348 - Quiz: Fixed a report bug where the count of the number of
attempts is sometimes incorrect in group averages
+ MDL-61520 - Quiz: Fixed a bug where the question text was no longer
exported in the quiz statistics HTML download
+ MDL-61950 - Quiz: Fixed a bug in the statistics report to display the
chosen questions for random question slots
+ MDL-62202 - GDPR: Moved the Privacy and policies administration section
to the Users tab (when GDPR plugins are installed)
+ MDL-62042 - Global search: Remove unicode non-characters from
indexing to resolve indexing errors
+ MDL-61827 - Facebook OAuth2: Update the Facebook Graph API to v2.12
Security issues
+ MSA-18-0007 Calculated question type allows remote code execution
by Question authors
+ MSA-18-0008 Users can download any file via portfolio assignment caller class
+ MSA-18-0009 Portfolio forum caller class allows a user to download any file
+ MSA-18-0010 User can shift a block from Dashboard to any page
+ MSA-18-0011 User who did not agree to the site policies can see the
site homepage as if they had full site access
+ MSA-18-0012 Portfolio script allows instantiation of class chosen by user
-------------------------------------------------------------------
Thu May 17 06:52:47 UTC 2018 - lars@linux-schulserver.de
- update to 3.4.3:
MDL-61306 - Implement privacy API in various components and standard
plugins for user data export and deletion (GDPR)
Fixes and improvements
+ MDL-58697 - Assignment: Fixed incorrect "No submission" status if
group submission changed to individual submission
+ MDL-61724 - File resource: Fixed download problem for files with
long names
+ MDL-61519 - Performance improvement in Calendar in case of big number
of course categories
+ MDL-55532 - Show grade category name in Grades Export
+ MDL-61714 - GDPR and privacy: Change default age of digital consent
according to current legislation on each country
+ MDL-52989 - Lesson: Fixed regression in cluster navigation
+ MDL-61183 - Display participants count on course participants page
+ MDL-60196 - Display custom external tool icon in activity chooser
+ MDL-61736 - Show self enroled user as inactive when self enrolement
method is disabled
+ MDL-61800 - A bug which led to the failure of some Scheduled Tasks in
certain circmstances has been fixed.
+ MDL-61733 - Database module: Fixed bug with creating tables in templates
using Atto editor
+ MDL-61348 - Quiz: Fixed a report bug where the count of the number
of attempts is sometimes incorrect in group averages
+ MDL-61520 - Quiz: Fixed a bug where the question text was no longer
exported in the quiz statistics HTML download
+ MDL-61950 - Quiz: Fixed a bug in the statistics report to display
the chosen questions for random question slots
+ MDL-62202 - GDPR: Moved the Privacy and policies administration section
to the Users tab (when GDPR plugins are installed)
+ MDL-62042 - Global search: Remove unicode non-characters from indexing
to resolve indexing errors
+ MDL-61827 - Facebook OAuth2: Update the Facebook Graph API to v2.12
+ A number of security related issues were resolved.
- updated language packs
-------------------------------------------------------------------
Mon Mar 19 08:43:54 UTC 2018 - lars@linux-schulserver.de
- update to 3.4.2:
Highlights
+ MDL-48501, MDL-61600 - Migrate to reCAPTCHA v2
+ MDL-51189 - Quiz: now possible to edit user overrides even if
quiz is not available to a student
+ MDL-60241 - Invisible default sections lead to unexpected visibility layout
+ MDL-61344 - Assignment: "additional files" are now shown in
Edit Submission view
GDPR preparation
Plugins will be available for Moodle 3.3 and 3.4 to help Moodle sites to
comply with GDPR. In Moodle 3.5 they will be included in the standard
distribution. Some necessary core changes were already included in this
release:
+ MDL-61307 - New Privacy subsystem
+ MDL-61477 - Allow plugins to handle site policies and
overwrite $CFG->sitepolicy
+ MDL-61423 - Signup process - add minimum age verification
Fixes and improvements
+ MDL-60815 - Fixed bug with loading CSS for editor
+ MDL-61549 - Fixed bug with empty user name on Participants page if
username is included in user identitfy fields
+ MDL-60812 - Select correct default role during manual enrolment
+ MDL-58006 - Assignment: reset 'Blind marking' status during 'Course reset'
+ MDL-58845 - Choice: hide "unanswered" column when it is set so in choice settings
+ MDL-56688 - Single View & grades export should follow the same
order set in gradebook set up
+ MDL-61305 - Performance: Modinfo cache can get built in parallel
+ MDL-61249 - Corrected end date for manual enrolments
+ MDL-61242 - EQUELLA repository: fixed error "The source url does
not match the sourcekey."
+ MDL-61175 - Change "Remind me to grade by" date according to the
new course start date after course restore
Security issues
+ A number of security related issues were resolved.
- updated language packs
- added new sub-packages:
+ config-nginx : providing nginx configuration files
+ config-php-fpm : providing PHP-FPM configuration files
-------------------------------------------------------------------
Mon Jan 15 11:49:53 UTC 2018 - lars@linux-schulserver.de
- update to 3.4.1:
Highlights
+ MDL-34161 - LTI: backup and restore supports submissions and also
course and site tools. References to the site tools are restored
only on the same site (they are not included in course backup
for security reasons).
+ MDL-27886 - If general backup setting "Include users" is unchecked,
users with relevant capability can now backup user data
+ MDL-40613 - LDAP authentication method now can synchronise custom
user profile fields
Fixes and improvements
+ MDL-58887 - Accessibility: Gear icon is now properly defined for screen readers
+ MDL-54106 - Fixed bug preventing deletion of incomplete users accounts
after specified period of time (setting "Delete not fully setup users after")
+ MDL-59512 - Allow to connect to OAuth 2 services that only support
client authentication via Basic Auth
+ MDL-56197 - Lesson: Multiple Choice answers should appear on same line as radio button
+ MDL-45068 - Number of bug fixes in Import Groups from CSV tool
+ MDL-52100 - Folder resource: Fixed bug with big files being deleted
when editing teachers update resource with global maxbytes lower
+ MDL-37757 - Turning off Server Files Repository should not break courses that use it
+ MDL-58272 - Assignment: Fixed bug when converting images in submisisons to pdf (unoconv)
+ MDL-54967 - IMS Common Cartridge import works correctly with HTML entities in URLs
+ MDL-27230 - Quiz: when group override is deleted the calendar event should also be deleted
+ MDL-57431 - Quiz: Clicking on help for "Shuffle" button no longer toggles shuffle itself
+ MDL-42676 - Assignment: Bug fix. The "This assignment is not accepting
submissions" message is displayed in the assignment when override the grade
+ MDL-34389 - Category manager with the 'moodle/course:changecategory'
should be able to move existing courses between categories
+ MDL-52538 - Lesson: Fixed bug with content pages displaying grade when they should not
+ MDL-45500 - Allow uninstalling grading methods plugins
+ MDL-58817 - LTI: display correct icons
+ MDL-43042 - Lession multichoice questions with multiple answers:
more clear indication for the user which answer was correct
+ MDL-40790 - Lesson: UI fix for content buttons running off the edge of the page
+ MDL-59999 - Lesson: Grade essays page does should show which essays have been graded
+ MDL-57564 - Respect setting "Sort my courses (navsortmycoursessort)" on the dashboard
Security issues
+ A number of security related issues were resolved.
- provide moodle-application
- updated language packs
-------------------------------------------------------------------
Tue Jan 9 09:27:07 UTC 2018 - lars@linux-schulserver.de
- Moodle 3.4 requires at least PHP 7.0, adapt the spec file
- create and package moodledata/models directory
-------------------------------------------------------------------
Thu Dec 28 20:54:49 UTC 2017 - lars@linux-schulserver.de
- new package, based on latest moodle3_3 package
