Moodle 3.11.3
Release date: 13 September 2021
Here is the full list of fixed issues in 3.11.3.
General fixes and improvements
- MDL-70176 - Forum Grading Does Not Respect Separate Groups Filter
- MDL-71121 - Default settings async course backup
- MDL-49202 - Checking "Hidden" in grade item settings does not hide the item from student, at the same time selecting "Hide" from dropdown on the setup page does
- MDL-72242 - Missing SVG files in forum posts
- MDL-70376 - Assignment - Annotated PDF Download issues when page is turned
- MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension
- MDL-71500 - Cannot select a date on the right hand side 3 month mini calendar, after previously selecting one
- MDL-69451 - moodle_read_slave_trait: restore temptables object when creating rw and ro handles
- MDL-72033 - User tours: step placement issues if screen too narrow
- MDL-71973 - Exception thrown when evaluating disabled models from the CLI
- MDL-70006 - Suspended enrolment will get analytics messages
- MDL-70165 - Unable to change user role in a new course
- MDL-70433 - In gradebook titles, ampersand '&' is being displayed as & amp;
- MDL-71050 - H5P does not use the correct language
- MDL-72358 - Error exception in content bank when an H5P file doesn't exist
- MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override
- MDL-67833 - Text run over on Lang customization screen
- MDL-72035 - Course completion report Excel download should include BOM to ensure correct character encoding
- MDL-71945 - Bulk releasing grades for anonymous submissions pushes them to gradebook
- MDL-71844 - Navigation breadcrumbs lost when running single task
- MDL-71487 - Setting filesize settings to huge values breaks settings pages/search
- MDL-72207 - Webservice mod_assign_get_submission_status doesn't support "All participants"
- MDL-71029 - Forum summary report multiplies counts by number of enrollments a user has
- MDL-72271 - Clicking "Finish Review" after a quiz set to Full screen popup with JavaScript security results in a 404 to /mod/quiz/0 if not in a popup window
- MDL-72325 - sitepolicynotagreed popup appears when trying to start a user tour
- MDL-72153 - Privacy export of user data doesn't export description files correctly/triggers debugging
- MDL-72106 - Error being displayed after deleting calendar subscription
- MDL-71899 - Improve 3.11 Activity information performance
- MDL-71925 - Inaccurate word count in Brickfield accessibility toolkit
Accessibility improvements
- MDL-68639 - Atto produces invalid nested unordered (UL) lists
- MDL-72286 - Atto plugin steals default submit action so enter key in other fields no longer submits the form
- MDL-71674 - Atto editor's insert image dialog boxes do not show all error messages
- MDL-71656 - Add meaningful label to colour items in colour chooser elements
- MDL-72206 - Insufficient colour contrast in warning messages in environment check
- MDL-71814 - Atto: File picker – file info panel focus issue
Security improvements
- MDL-72014 - Update grunt and some components to avoid some security reports
- MDL-72187 - Log visibility change of log stores
Security fixes
- MSA-21-0032 Session Hijack risk when Shibboleth authentication is enabled
- MSA-21-0033 Course participants download did not restrict which users could be exported
- MSA-21-0034 Authentication bypass risk when using external database authentication
- MSA-21-0035 Arbitrary file read by site administrators via LaTeX preamble
- MSA-21-0036 Quiz unreleased grade disclosure via web service