Moodle 2.4.1
Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
You are encouraged to upgrade to a supported version of Moodle.
Release date: 14 January 2013
Here is the full list of fixed issues in 2.4.1.
Highlights
- MDL-32880 - Make 1.9 blocks restorable in 2.3 onwards
- MDL-34791 - Activity quick title edit updates name in gradebook
- MDL-35653 - Wiki module works if you activate the force format option
API changes
- MDL-30700 - There is a new function "text_sorting($columnname)" for the class flexible_table which allows you to specify which columns are of type "text" so they can be sorted correctly in all databases.
- MDL-35593 - core_webservice_get_site_info returns version number as PARAM_TEXT
- MDL-30961 - get_course_contents web service's name value is now PARAM_RAW
Security issues
- MSA-13-0001 - Security issue in Google Spellchecker in TinyMCE
- MSA-13-0002 - Capability issue with Outcome editing
- MSA-13-0003 - Potential server file access through backup restoration
- MSA-13-0004 - Information leak through activity report
- MSA-13-0005 - Potential phishing attack through URL redirects
- MSA-13-0006 - Potential information leak in Assignment module
- MSA-13-0007 - Potential exploit in messaging
- MSA-13-0008 - Information leak through Blog RSS
- MSA-13-0009 - Information leak through Blog RSS
- MSA-13-0010 - Failure to check capabilities in calendar
Fixes and improvements
- MDL-36680 - Overview report now gives correct course total by not including hidden item grades
- MDL-37165 - Assignment summary displays on Oracle
- MDL-36963 - Automatic updates deployer needs checks directory permissions