Skip to main content

Moodle 3.5.8

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 9 September 2019

Here is the full list of fixed issues in 3.5.8.

Fixes

  • MDL-66136 - Online text assignment error when attempting to submit an image only (with no text)
  • MDL-65925 - Grade page is broken if submission other than PDF was deleted
  • MDL-65749 - Upgrade PHPMailer

Security fixes

  • MSA-19-0018 JavaScript injection possible in some Mustache templates via recursive rendering from contexts
  • MSA-19-0019 Course creation did not check the creator's role assignment capability before automatically assigning them as a teacher in the course
  • MSA-19-0020 Python Machine Learning dependency versions bumped
  • MSA-19-0021 Activity :addinstance capabilities were not respected when creating a course in single activity format
  • MSA-19-0022 Open redirect in the mobile launch endpoint could be used to expose mobile access tokens
  • MSA-19-0023 Forum subscribe link contained an open redirect if forced subscription mode was enabled

Translations