Moodle 2.4.2

Unsupported Moodle Version

This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

note

Because of a serious regression in the 2.4.2 release, Moodle 2.4.3 was release on Mon 18 March, 2013.

Release date: 11 March 2013

Here is the full list of fixed issues in 2.4.2.

Highlights

• MDL-32975 - There is an option to sort My Courses list alphabetically
• MDL-36297 - HTML purifier strings are now cached
• MDL-35074 - More students can now appear per page in the Grader Report
• MDL-34435 - Actions in categories are now logged

Functional changes

• MDL-30669 - Admins are warned before deleting 'Sticky' site-wide blocks in 2.2 accidentally through a course page
• MDL-37894 - Not yet opened quizzes show close date as well as open date
• MDL-35336 - Process for enabling statistics is now clearer

API changes

• MDL-36363 - Removing a file store cache instance removes its folder too
• MDL-31636 - Comments API allows plugins to set the date format

Security issues

• MSA-13-0011 Calendar subscription capability issue
• MSA-13-0012 Information leak in course profiles
• MSA-13-0013 Server information revealed through exception messages
• MSA-13-0014 Password revealed in WebDav repository
• MSA-13-0015 Cross-site scripting issue in Filepicker
• MSA-13-0016 External Entity Injection through Zend library
• MSA-13-0017 Form manipulation issue in notes
• MSA-13-0018 Personal information leak through repositories
• MSA-13-0019 Unauthorised settings editing through WebDav repository

Fixes and improvements

• Fixes for MUC - MDL-37683 MDL-37545 MDL-38110 MDL-38165
• MDL-37792 - Conditional Resource based on a profile interest field now works when fields are empty
• MDL-38173 - Adding modules to courses where completion is enabled no longer causes corruption
• MDL-37847 - Plain text essays now show HTML special characters appropriately
• MDL-37774 - Moodle 1.9 to 2.x course restore now works with directory resources
• MDL-37563 - Assignment upgrade now includes conditional access settings
• MDL-36757 - Editing an activity no longer reveals hidden grades
• MDL-35780 - Participants page disclosure of email addresses is now consistent
• MDL-35175 - Lesson now shows attempts if associated with a grouping
• MDL-37710 - Students can access their own submitted files in a team submission assignment
• MDL-38352 - Improved language strings added to the English language pack, the most noticeable being 'My Moodle' in the site admin settings renamed as My home

Translations

• Notas de Moodle 2.4.2
• Notes de mise à jour de Moodle 2.4.2