Totara 2.2.16 is a "security" release, because it includes important fixes for potential security vulnerabilities. We recommend upgrading your site to this release.
Here's the 2.2.16 changelog:
Release 2.2.16 (14th March 2013):
==================================================
Security fixes:
Fixes from MoodleHQ http://docs.moodle.org/dev/Moodle_2.2.8_release_notes
Database upgrades:
T-10069 Add appearance/theme administration permissions
Improvements:
T-10290 Add MSSQL support to Admin Database Replace tool
T-9857 Improve performance of Audience member count
T-10303 Improve internationalisation of emails sent from system in recipient user's language
T-10313 Ensure availability of user and hierarchy custom fields on all Reportbuilder report sources
Bug fixes:
T-10069 Fix initialisation of filepicker config in standardtotara theme
T-10332 Fix update_state() in completion for Completion Unknown status
T-10344 Fix course type display in Reportbuilder exports
T-10330 Fix error when deleting courses from Audiences
T-10349 Fix timeout when deleting courses from large Audiences
T-5734 Fix duplicate call to require_login in Programs
T-10348 Fix timeouts when totara_sync is run from browser
T-10214 Fix ajax call when adding comments to Learning Plans
T-10334 Fix display of description field on Learning Plan overview tab
T-10336 Fix wording for linked components in Learning Plans
T-10363 Fix ampersands in self-enrolment course welcome emails
T-10270 Fix forum discussion emails not being sent
T-10222 Fix SCORM auto-continue
T-10325 Fix collection of SCORM tracking data when viewing as pop-up in IE9
T-10329 Fix resizing error for SCORM pop-ups in IE8
T-10350 Fix errors in block_facetoface calendar
T-10335 Fix assignment of role when enrolling learner on a course via a Facetoface session
T-10295 Fix error when viewing task for a deleted Facetoface session