Releases/1.2.5: Difference between revisions
From Mahara Wiki
< Releases
(Created page with "<div id="release-notes"> This is a major security release of Mahara 1.2. Stable releases are fit<br /> for general use. If you find a bug, please report it to the tracker: http…") |
mNo edit summary |
||
(One intermediate revision by one other user not shown) | |||
Line 21: | Line 21: | ||
</div> | </div> | ||
[[Category:Release Notes]] |
Latest revision as of 18:03, 19 Haziran 2019
This is a major security release of Mahara 1.2. Stable releases are fit
for general use. If you find a bug, please report it to the tracker:
https://bugs.launchpad.net/mahara/+filebug
This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.
Changes from 1.2.4:
- Multiple XSS vulnerabilities (CVE-2010-1667)
- Multiple CSRF vulnerabilities (CVE-2010-1668)
- SQL Injection (CVE-2010-1669)
- Removal of dangerous auth plugin configuration options (CVE-2010-1670)
- New version of HTML Purifier fixing an IE-only XSS (CVE-2010-2479)
- Better handling of cron events to avoid sending duplicate emails
- Fix problems when mime_content_type() is missing
- Improved detection of https on Windows
- Set the correct envolope sender for emails sent on cron
- Set the locale in Mahara instead of in language packs