Totara Release Notes

Totara 2.2.29 (security) and Totara 2.4.20 (security) Released 27th May 2014

 
? ?
Totara 2.2.29 (security) and Totara 2.4.20 (security) Released 27th May 2014
di ? ? - Monday, 26 May 2014, 18:27
 

Totara 2.2.29 and 2.4.20 are both "security" releases, because they include important fixes for potential security vulnerabilities.

Here are the changelogs:

Release 2.2.29 (27th May 2014):
==================================================

Security Fixes:
    MDL-45332  Fixed URL parameter type to use PARAM_URL in the repository module
    MDL-43877  Fixed files from blocks in my/ were accessible to the world
    MDL-43119  Added valid until dates for tokens created by login/token.php
    T-12441    Fixed potential XSS vulnerability in quicklinks block

Database Upgrades:
    T-11680    Fixed bug where assigning a manager to a secondary position could affect primary positions

Bug Fixes:
    T-12280    Prevent deleting RPL records when deleting completion data

 

 

Release 2.4.20 (27th May 2014):
==================================================

Security Fixes:
    MoodleHQ   http://docs.moodle.org/dev/Moodle_2.4.10_release_notes
    T-12441    Fixed potential XSS vulnerability in quicklinks block

Database Upgrades:
    T-11680    Fixed bug where assigning a manager to a secondary position could affect primary positions

Bug Fixes:
    T-11799    Fixed completion logic error when using grade and status in SCORM activities
    T-12128    Fixed links on Windows servers for uploaded files with filenames in non-Latin alphabets
    T-12449    Recover course completion criteria dates for activity completion criteria
    T-12251    Fixed user properties in user_updated event when password changed
    T-12153    Fixed the setting of users timecreated field when new users are created by Totara Sync
    T-12313    Removed request approval button in Learning Plans while request is pending