Hello everyone,
The following versions of Totara Learn have now been released:
These versions do contain security fixes, and for this reason we strongly recommend upgrade.
Each release also includes various bug fixes and improvements.
A big thanks to the following people for their contributions to this release:
- Alex Damsted at Kineo Pacific - TL-36563
- Jo Jones at Kineo UK - TL-35650
- Michael Trio at Kineo USA - TL-34242
Kind regards,
Release Team
Release 17.6 (28th April 2023):
Important:
TL-37130 Fixed LTI 1.3 external tool viewing not being logged and not recognised for completion
When launching an External tool activity based on a LTI 1.3 compatible provider
the viewing event did not get triggered. This resulted in no event log entry
being created and completion through the activity completion setting "Learner
must view this activity to complete it" not being recognised. This has now been
fixed.
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module
Performance improvements:
TL-34242 Improved performance of Seminar session list display by optimising the loading of enrollable sessions
Bug fixes:
TL-34211 Hid the seminar legacy notification settings when modern Seminar notifications are enabled
TL-35650 Prevented two cron jobs from updating dynamic audiences at the same time
TL-35807 Fixed the plan template name not displaying in some Record of Learning reports
The plan template name now displays correcting in Record of Learning reports,
this patch also deprecated the "Plan template start date" column in the same
reports.
TL-35976 Fixed dynamic loading of saved search for Messages report source
TL-35989 Fixed the message type filter not including program extension requests
This patch contains an upgrade which will update the msgtype and icon metadata
for existing program extension messages so they will match ongoing messages.
TL-36041 Fixed the anniversary calculation of repeating performance activities not using the correct timezone
TL-36156 Ensured the duedate information is loaded for course items in the Current Learning block
TL-36470 Updated the seminar bookings page to improve clarity around when notifications are displayed
A banner is now displayed in the notifications section when booking users into a
seminar event which is in progress or in the past, to provide information around
when a notification may not be sent.
TL-36486 Fixed multiple approvals for the same seminar attendee being possible in Tasks block
TL-36563 Added a user-friendly error message when uploading seminar attendees that don't exist as users
TL-36605 Fixed My Learning icons in a users report showing despite user not having the relevant permission
TL-36717 Fixed the formatting of placeholders for text area custom fields in notifications
TL-36763 Fixed links in the 'Notification logs' for programs and certifications
TL-36764 Enabled save search functionality for the site policies user consent report
TL-36790 Fixed editing the completion of a URL activity when 'Allow theme changes in the URL' is enabled
TL-36768 Fixed accessibility of the header notifications menu by adding an aria-label to the message and notification counts
TL-36770 Fixed accessibility for legacy dialogues by making them focusable via the keyboard
TL-36771 Fixed accessibility for disabled 'previous' and 'next' buttons in the Current Learning block
TL-36772 Fixed accessibility of the list and tile 'view' links on the reports dashboard by adding a focus outline
Technical changes:
TL-36274 The Redis5 session handler now supports connecting via TLS
TL-36845 Allowed flex_icons to be instantiated without checking they are valid
Previously, when a flex_icon was instantiated, it was checked to make sure it
existed. To do this, the theme had to be initialised. To avoid this, it is now
possible to specify that the check should be skipped.
Contributions:
* Alex Damsted at Kineo Pacific - TL-36563
* Jo Jones at Kineo UK - TL-35650
* Michael Trio at Kineo USA - TL-34242
Release 16.12 (28th April 2023):
Important:
TL-37130 Fixed LTI 1.3 external tool viewing not being logged and not recognised for completion
When launching an External tool activity based on a LTI 1.3 compatible provider
the viewing event did not get triggered. This resulted in no event log entry
being created and completion through the activity completion setting "Learner
must view this activity to complete it" not being recognised. This has now been
fixed.
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module
Performance improvements:
TL-34242 Improved performance of Seminar session list display by optimising the loading of enrollable sessions
Bug fixes:
TL-34211 Hid the seminar legacy notification settings when modern Seminar notifications are enabled
TL-35370 Stopped disabled DropDownItem being focusable via keyboard navigation
TL-35650 Prevented two cron jobs from updating dynamic audiences at the same time
TL-35807 Fixed the plan template name not displaying in some Record of Learning reports
The plan template name now displays correcting in Record of Learning reports,
this patch also deprecated the "Plan template start date" column in the same
reports.
TL-35976 Fixed dynamic loading of saved search for Messages report source
TL-35989 Fixed the message type filter not including program extension requests
This patch contains an upgrade which will update the msgtype and icon metadata
for existing program extension messages so they will match ongoing messages.
TL-36041 Fixed the anniversary calculation of repeating performance activities not using the correct timezone
TL-36156 Ensured the duedate information is loaded for course items in the Current Learning block
TL-36470 Updated the seminar bookings page to improve clarity around when notifications are displayed
A banner is now displayed in the notifications section when booking users into a
seminar event which is in progress or in the past, to provide information around
when a notification may not be sent.
TL-36486 Fixed multiple approvals for the same seminar attendee being possible in Tasks block
TL-36563 Added a user-friendly error message when uploading seminar attendees that don't exist as users
TL-36605 Fixed My Learning icons in a users report showing despite user not having the relevant permission
TL-36717 Fixed the formatting of placeholders for text area custom fields in notifications
TL-36764 Enabled save search functionality for the site policies user consent report
TL-36790 Fixed editing the completion of a URL activity when 'Allow theme changes in the URL' is enabled
TL-36823 Fixed tenant users with job assignment capabilities being able to see members of other tenants
TL-36768 Fixed accessibility of the header notifications menu by adding an aria-label to the message and notification counts
TL-36770 Fixed accessibility for legacy dialogues by making them focusable via the keyboard
TL-36771 Fixed accessibility for disabled 'previous' and 'next' buttons in the Current Learning block
TL-36772 Fixed accessibility of the list and tile 'view' links on the reports dashboard by adding a focus outline
Technical changes:
TL-36274 The Redis5 session handler now supports connecting via TLS
Contributions:
* Alex Damsted at Kineo Pacific - TL-36563
* Jo Jones at Kineo UK - TL-35650
* Michael Trio at Kineo USA - TL-34242
Release 15.18 (28th April 2023):
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module
Performance improvements:
TL-34242 Improved performance of Seminar session list display by optimising the loading of enrollable sessions
Bug fixes:
TL-35370 Stopped disabled DropDownItem being focusable via keyboard navigation
TL-35650 Prevented two cron jobs from updating dynamic audiences at the same time
TL-35807 Fixed the plan template name not displaying in some Record of Learning reports
The plan template name now displays correcting in Record of Learning reports,
this patch also deprecated the "Plan template start date" column in the same
reports.
TL-35976 Fixed dynamic loading of saved search for Messages report source
TL-35989 Fixed the message type filter not including program extension requests
This patch contains an upgrade which will update the msgtype and icon metadata
for existing program extension messages so they will match ongoing messages.
TL-36041 Fixed the anniversary calculation of repeating performance activities not using the correct timezone
TL-36486 Fixed multiple approvals for the same seminar attendee being possible in Tasks block
TL-36563 Added a user-friendly error message when uploading seminar attendees that don't exist as users
TL-36605 Fixed My Learning icons in a users report showing despite user not having the relevant permission
TL-36764 Enabled save search functionality for the site policies user consent report
TL-36790 Fixed editing the completion of a URL activity when 'Allow theme changes in the URL' is enabled
TL-36823 Fixed tenant users with job assignment capabilities being able to see members of other tenants
TL-36768 Fixed accessibility of the header notifications menu by adding an aria-label to the message and notification counts
TL-36770 Fixed accessibility for legacy dialogues by making them focusable via the keyboard
TL-36771 Fixed accessibility for disabled 'previous' and 'next' buttons in the Current Learning block
TL-36772 Fixed accessibility of the list and tile 'view' links on the reports dashboard by adding a focus outline
Technical changes:
TL-36274 The Redis5 session handler now supports connecting via TLS
Contributions:
* Alex Damsted at Kineo Pacific - TL-36563
* Jo Jones at Kineo UK - TL-35650
* Michael Trio at Kineo USA - TL-34242
Release 14.23 (28th April 2023):
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module
Performance improvements:
TL-34242 Improved performance of Seminar session list display by optimising the loading of enrollable sessions
Bug fixes:
TL-35370 Stopped disabled DropDownItem being focusable via keyboard navigation
TL-35807 Fixed the plan template name not displaying in some Record of Learning reports
The plan template name now displays correcting in Record of Learning reports,
this patch also deprecated the "Plan template start date" column in the same
reports.
TL-35976 Fixed dynamic loading of saved search for Messages report source
TL-35989 Fixed the message type filter not including program extension requests
This patch contains an upgrade which will update the msgtype and icon metadata
for existing program extension messages so they will match ongoing messages.
TL-36041 Fixed the anniversary calculation of repeating performance activities not using the correct timezone
TL-36486 Fixed multiple approvals for the same seminar attendee being possible in Tasks block
TL-36563 Added a user-friendly error message when uploading seminar attendees that don't exist as users
TL-36605 Fixed My Learning icons in a users report showing despite user not having the relevant permission
TL-36764 Enabled save search functionality for the site policies user consent report
TL-36790 Fixed editing the completion of a URL activity when 'Allow theme changes in the URL' is enabled
TL-36823 Fixed tenant users with job assignment capabilities being able to see members of other tenants
TL-36768 Fixed accessibility of the header notifications menu by adding an aria-label to the message and notification counts
TL-36770 Fixed accessibility for legacy dialogues by making them focusable via the keyboard
TL-36771 Fixed accessibility for disabled 'previous' and 'next' buttons in the Current Learning block
TL-36772 Fixed accessibility of the list and tile 'view' links on the reports dashboard by adding a focus outline
Contributions:
* Alex Damsted at Kineo Pacific - TL-36563
* Michael Trio at Kineo USA - TL-34242
Release 13.31 (28th April 2023):
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module
Performance improvements:
TL-34242 Improved performance of Seminar session list display by optimising the loading of enrollable sessions
Bug fixes:
TL-35370 Stopped disabled DropDownItem being focusable via keyboard navigation
TL-35976 Fixed dynamic loading of saved search for Messages report source
TL-35989 Fixed the message type filter not including program extension requests
This patch contains an upgrade which will update the msgtype and icon metadata
for existing program extension messages so they will match ongoing messages.
TL-36041 Fixed the anniversary calculation of repeating performance activities not using the correct timezone
TL-36563 Added a user-friendly error message when uploading seminar attendees that don't exist as users
TL-36605 Fixed My Learning icons in a users report showing despite user not having the relevant permission
TL-36764 Enabled save search functionality for the site policies user consent report
TL-36790 Fixed editing the completion of a URL activity when 'Allow theme changes in the URL' is enabled
TL-36823 Fixed tenant users with job assignment capabilities being able to see members of other tenants
Contributions:
* Alex Damsted at Kineo Pacific - TL-36563
* Michael Trio at Kineo USA - TL-34242
Release 12.52 (28th April 2023):
Security issues:
TL-36865 Cherry-picked MDL-76809: Fixed trainer access to learner information when they do not have permission
TL-36870 Cherry-picked MDL-76645: Fixed an XSS risk when outputting filter data within the database activity
TL-36871 Cherry-picked MDL-77204: Added file param cleaning to the backup restoration process of the wiki module