Menü Schließen

moodle E-Learningplattform Security und Bugfix Release 4.2.1

moodle Logo

Die Entwickler der freien E-Learningplattform moodle, haben das Update 4.2, 4.1.3 sowie 4.0.8 veröffentlicht. Die Updates beheben zahlreiche Fehler und schließen Sicherheitslücken.

moodle 4.2.1 Release Notes

General fixes and improvements

  • MDL-75576 – Question bank statistics are fetched inefficiently
  • MDL-75623 – Encode pluginfile.php urls in backup
  • MDL-73138 – & (ampersand) is displayed as & in group and role names in the participants list filter
  • MDL-75552 – is not working because the apiBase in badgeconnect.json is ignored
  • MDL-77791 – File search areas for database activity entries need to index using the content id
  • MDL-78087 – The H5P Timeline activity is not displayed
  • MDL-78010 – Improve performance/information for the labels upgrade in MDL-77612
  • MDL-78047 – Links with a new line in Text and media area aren’t displayed within the text box
  • MDL-77997 – Regression: can no longer download a single question in Moodle XML format when previewing it
  • MDL-76936 – Activity dates not reflecting in the course page after resetting course start date
  • MDL-78346 – langimport can accidentally uninstall all languages
  • MDL-78260 – Statistics for Random quiz questions: View details link broken
  • MDL-78151 – The setGregorianChange() error appears on the profile page when the Kyiv time zone is selected.
  • MDL-78065 – TinyMCE link icon doesn’t work correctly
  • MDL-77451 – Quick switching between selectors throws exception
  • MDL-77766 – Multi-choice and True-false labelling need to respect showstandardinstruction setting
  • MDL-76903 – Hidden final page in Book prevents activity completion
  • MDL-76693 – Activity Chooser – Activity Summary content overlap/scroll issue
  • MDL-73331 – Accessibility toolkit advanced page update for page flow issues
  • MDL-75696 – Errors when restoring pre-4.0 quiz backups
  • MDL-77933 – Dynamic registration should return site name and logo
  • MDL-77987 – Backup is timing out for huge courses with a lot of files to annotate
  • MDL-77883 – Themes: Error message display for text area field client side form validation is not reliably updated
  • MDL-76835 – Unordered lists indented incorrectly in the web page and the Atto editor
  • MDL-77546 – Fix the sorting order of the items in the grade items selector in Single view report
  • MDL-78125 – Feedback Modal not showing on quiz – Embedded answers (Cloze)
  • MDL-76344 – Course image “non image file” should not be displayed on the left like image file
  • MDL-78052 – Upgrade Font Awesome Library to 6.4.0
  • MDL-78094 – Soap protocol broken in Moodle 4.2
  • MDL-78054 – Encrypted mobile notifications: payload can be encrypted several times
  • MDL-78242 – Inconsistent coursecontact checking can lead to PHP notices during plugin installation
  • MDL-78176 – Drag and drop onto image/Drag and drop markers create question: Theme oddity in Preview section
  • MDL-78149 – Database: Separate groups database – can’t switch groups if the group has no entries.
  • MDL-78152 – No editing button for students in book with the right to create new chapters in boost
  • MDL-77810 – Grade summary: plugin types not translated
  • MDL-77781 – Course Reset: course_modules_viewed entries not deleted
  • MDL-78023 – tool_policy in Moodle 4.1.2: Spreadsheet (CSV/XLSX/ODT) download in some cases not working
  • MDL-78364 – Calculate custom report schedule users earlier
  • MDL-78006 – Activity chooser opens twice in the newly added sections (4.2 regression)
  • MDL-78034 – Multilanguage group names displayed incorrectly on BigBlueButton module
  • MDL-78026 – Multilang filter is not applied when creating calendar events
  • MDL-78007 – Tiny editor missing media buttons when teacher is commenting on quiz attempt
  • MDL-78170 – Glossary ratings average is not calculated properly using MSSQL database
  • MDL-78378 – Survey activity: Instructions for all three types of surveys are missing (M4.1 & M4.2)
  • MDL-77313 – Course restore searching is broken

For developers

  • MDL-78308 – preg_match(): Passing null to parameter #2 ($subject) when configuring custom menu items (PHP 8.1)
  • MDL-77995 – Building JS modules with Grunt doesn’t work if dirroot contains “/src”
  • MDL-77733 – Enable accessibility tests by default during Behat init
  • MDL-77799 – REST web service request exceptions are not included in server logs
  • MDL-76971 – Finish removing requires of externallib.php from Report builder

Security improvements

  • MDL-78225 – Content bank is leaking user sesskey when switching contexts
  • MDL-77320 – License manager leaks sesskey when creating new license
  • MDL-76688 – Add \ExplSyntaxOn to latex deny-list to prevent LaTeX3 programming syntax

Security fixes

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.


Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert