Für die hauptsächlich von Schulen, Universitäten und weiteren Bildungsstätten eingesetzte E-Learning Plattform, Moodle, wurde ein Patch veröffentlicht. Dieser soll eine Reihe von Sicherheitslücken schließen mit deren Hilfe ein berechtigter Benutzer, nicht jedoch das Gastkonto, beliebigen Schadcode ausführen kann.
moodle 3.2.2 Release Notes
Highlights
- MDL-36233 – Fixed inconsistent “Submissions not graded” link displayed to the teachers on the course overview block
- MDL-48228 – MySQL and MariaDB drivers updated to support full UTF-8 . For sites upgrading to 3.2.2, a CLI script may be used to convert to full UTF-8. See MySQL full unicode support for details.
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
- MDL-56122 – Force reload/recreation of (unoconv) preview in grading interface
- MDL-51833 – Performance improvement in event monitor preferences loading
- MDL-55859 – Assignment: Delete incomplete files after pdf conversion failure
- MDL-55762 – Better error handling around ghostscript
- MDL-50719 – Long-running scheduled task should not significantly slow down cron processing of other tasks
- MDL-57587 – Quiz: Show feedback images when reviewing a quiz attempt
- MDL-57608 – VideoJS and VideoJs-Youtube javascript modules are no longer loaded when not required on the page
- MDL-50770 – Dashboard should apply customized block positions during dashboard reset
- MDL-57374 – Pasting unformatted non HTML plain text in Atto should not remove all styles and class attributes from all existing content in editor
- MDL-57362 – Assignment list all submissions must respect separate groups mode
- MDL-46782 – When re-entering Multi-SCO SCORM start from the first uncompleted SCO
- MDL-53367 – Importing a forum with auto subscription now automatically subscribes current users
- MDL-50625 – Allow to use LDAP user synchronisation without page control
- MDL-55915 – Respect capability to view full names in assignment grading, grader report and manual user enrolment popup
- MDL-57785 – Don’t refresh SCORM navigation when navigation display is disabled
- MDL-57370 – Performance improvement when displaying notifications and messages popups
- MDL-57296 – Fixed bug when teacher without permission to view hidden grades was not able to collapse grade categories in the gradebook
- MDL-55547 – Event monitor: fixed bug preventing to view current subscription after deleting a course with subscriptions
For developers
- MDL-57030 – Add option to behat run tool to automatically rerun failures
- MDL-57940 – Allow behat parallel run to start at different time
moodle 3.1.5 Release Notes
Highlights
- MDL-36233 – Fixed inconsistent “Submissions not graded” link displayed to the teachers on the course overview block
- MDL-56592 – Allow teacher to toggle to/from “user view” in grader and user report in gradebook
- MDL-48228 – MySQL and MariaDB drivers updated to support full UTF-8 . For sites upgrading to 3.1.5, a CLI script may be used to convert to full UTF-8. See MySQL full unicode support for details.
Security issues
A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.
Fixes and improvements
- MDL-56122 – Force reload/recreation of (unoconv) preview in grading interface
- MDL-51833 – Performance improvement in event monitor preferences loading
- MDL-55859 – Assignment: Delete incomplete files after pdf conversion failure
- MDL-55762 – Better error handling around ghostscript
- MDL-50719 – Long-running scheduled task should not significantly slow down cron processing of other tasks
- MDL-57587 – Quiz: Show feedback images when reviewing a quiz attempt
- MDL-50770 – Dashboard should apply customized block positions during dashboard reset
- MDL-57374 – Pasting unformatted non HTML plain text in Atto should not remove all styles and class attributes from all existing content in editor
- MDL-57362 – Assignment list all submissions must respect separate groups mode
- MDL-46782 – When re-entering Multi-SCO SCORM start from the first uncompleted SCO
- MDL-53367 – Importing a forum with auto subscription now automatically subscribes current users
- MDL-50625 – Allow to use LDAP user synchronisation without page control
- MDL-55915 – Respect capability to view full names in assignment grading, grader report and manual user enrolment popup
- MDL-57785 – Don’t refresh SCORM navigation when navigation display is disabled
- MDL-57296 – Fixed bug when teacher without permission to view hidden grades was not able to collapse grade categories in the gradebook
- MDL-55547 – Event monitor: fixed bug preventing to view current subscription after deleting a course with subscriptions
moodle 3.0.9 Release Notes: https://docs.moodle.org/dev/Moodle_3.0.9_release_notes
moodle 2.7.19 Release Notes: https://docs.moodle.org/dev/Moodle_2.7.19_release_notes
Link Security Patch: https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-58010
Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.