Path to this page:
Subject: CVS commit: [pkgsrc-2012Q3] pkgsrc/www/moodle
From: Matthias Scheler
Date: 2012-12-04 14:13:44
Message id: 20121204131345.35989175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3980 - requested by wen
www/moodle: security update
Revisions pulled up:
- www/moodle/Makefile 1.15 via patch
- www/moodle/PLIST 1.11
- www/moodle/distinfo 1.11
---
Module Name: pkgsrc
Committed By: wen
Date: Fri Nov 30 07:19:45 UTC 2012
Modified Files:
pkgsrc/www/moodle: Makefile PLIST distinfo
Log Message:
Update to 2.3.3
Upstream changes:
Moodle 2.3.3 release notes
Highlights
MDL-35297 - Upgrading books from earlier versions now works correctly
MDL-21801 - References to the non-functional Powerpoint import option
have been removed from the Lesson module
MDL-33166 - A capability has been introduced to consistently exempt
specific users from forum auto-subscriptions and forced subscriptions
MDL-34607 - Folder resources now show files in sorted order
MDL-33646 - Viewing an empty book shows a friendly notice rather than
an error messsage
Functional changes
MDL-34794 - Course reset now works with the new Assignment module
MDL-35370 - Blank answers in Cloze type quiz questions are treated
accordingly, when an answer of zero is expected
MDL-33374 - When adding or updating a user profile, the action button
displays 'Create user' and 'Update user' relatively
MDL-27786 - The title field of a new calendar event is now labelled
"Event title" instead of "Name"
MDL-28235 - The close button on help dialogues have changed to provide
greater accessibility. (Note: if debugging is turned on, a string
error will appear during the upgrade process. This is expected and
will be resolved once the upgrade process is complete.)
API changes
MDL-30667 - Maximum upload limits are enforced consistently in
relation to various system variables
MDL-35395 - A method has been added so forms can work around form
change checking when necessary
MDL-35442 - Local plugins now have settings and uninstall links on the
plugins overview page
Security issues
MSA-12-0057 Access issue through repository
MSA-12-0058 Possible form data manipulation issue
MSA-12-0059 Information leak in Database activity module
MSA-12-0060 Cross-site scripting vulnerability in YUI2
MSA-12-0061 Remote code execution through Portfolio API
MSA-12-0062 Information leak in Database activity module
MSA-12-0063 Information leak in Check Permissions page
Fixes and improvements
MDL-35411 - Submissions and feedback are now saved with
imported/restored assignments
MDL-35397 - Notifications page 'many other contributors' link leads to
appropriate credits page
MDL-35726 - Feedback forms work correctly when grading a series of assignments
MDL-35754 - Quizzes in pop-up windows now work correctly
Files: