Totara Release Notes

Totara 1.0.25 Released 4th October 2011

Here's the changelog:

Release 1.0.25 (4 October 2011):
==================================================

Improvements:
8485 Arabic language pack added
8485 Additions to Finnish and Castilian Spanish language packs
9237 Add count of active users to notifications page
9203 Prevent XSS through flexible_table reoccuring

Bug fixes:
6399 Fix styling of course progress bar in RTL languages
9264 Course completion progress bar blank in report builder exports
9282 Headings not output via format_string() Preventing the use of the multi-lang filter
9232 Last login column actually displays second-to-last login timestamp
9241 Report builder upgrade and install result in different schemas
9358 Confirm linked courses dialog - competency name has rogue double quote
9370 Competency evidence not being sorted, so reorders whenever you change the linktype
9064 Fatal error when trying to add a hierarchy item when there are no frameworks Improved error and message
9379 Grader report columns mis-aligned when "Static students column" is on Change padding to fix alignment

Permalink

One note on this release for sites with local customisations:

Bug 9203 fixes an issue with Moodle's "flexible tables", which makes it easy to introduce a security vulnerability if the code is not implemented correctly. We have modified the code to print an error if the code is vulnerable, to prevent any future occurrances.

If you get the error:

"Coding error: Base URL required"

somewhere on your site when upgrading it means your code is potentially vulnerable to cross-site scripting (XSS). You should ensure the flexible_table sets the baseurl by calling define_baseurl(), which will fix the error and protect your site.

Please feel free to post on the forum if you have any more questions.

Simon

Permalink | Show parent