Moodle 3.11.9
Release date: 22 August 2022
Here is the full list of fixed issues in 3.11.9.
General fixes and improvements
- MDL-62959 - Changing a course event to a user event results in an error
- MDL-74947 - As Admin, when creating an external tool (LTI), "Shared secret" is truncated at < character
- MDL-69251 - LTI enrol method wrongly unenrols users due to bad task internal state
- MDL-68843 - LTI Tools don't get deleted when linked activity module is deleted from course
- MDL-74681 - Reads directly after writes to a table are stale when using read replicas if the update takes too long
- MDL-75386 - Editor stylesheets does not include stylesheets for subplugins
- MDL-75083 - Login form double submission leads to invalid login
- MDL-74492 - Atto editor wrongfully creates UL tags inside SVG
- MDL-73215 - Undefined variable error when online text assignment submission deleted
- MDL-74784 - Related system badges causing badge rendering issue
- MDL-74282 - Outcomes report should not be available if outcomes are disabled
- MDL-74974 - Show correct answer and feedback when overriding grade (backport of MDL-74495)
- MDL-72430 - Editing events results in changing the type of event and removing the Course option
- MDL-56923 - Assignment, Add new criterion icon should be aligned to the right, in RTL mode (theme:boost)
Security improvements
- MDL-75237 - Alternate implementation of MSA-22-0016 applied to fix a regression (Note: There was no new security risk addressed, however MDL-75237 still has access restricted to avoid revealing details of the original vulnerability)
Security fixes
- MSA-22-0021 - Upgrade Mustache to latest version (upstream)
- MSA-22-0022 - CSRF risk in enabling/disabling installed H5P libraries