One note on this release for sites with local customisations:

Bug 9203 fixes an issue with Moodle's "flexible tables", which makes it easy to introduce a security vulnerability if the code is not implemented correctly. We have modified the code to print an error if the code is vulnerable, to prevent any future occurrances.

If you get the error:

"Coding error: Base URL required"

somewhere on your site when upgrading it means your code is potentially vulnerable to cross-site scripting (XSS). You should ensure the flexible_table sets the baseurl by calling define_baseurl(), which will fix the error and protect your site.

Please feel free to post on the forum if you have any more questions.

Simon