Mahara 1.3.4

Milestone information

Stacey Walker
Release registered:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata


Assigned to you:
No blueprints or bugs assigned to you.
2 Andrew Nicols, 1 Penny Leach, 2 Richard Mansfield
No blueprints are targeted to this milestone.
5 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon (md5, sig) release tarball 321
last downloaded 27 weeks ago
download icon mahara-1.3.4.tar.bz2 (md5, sig) release tarball 48
last downloaded 62 weeks ago
download icon mahara-1.3.4.tar.gz (md5, sig) release tarball 77
last downloaded 45 weeks ago
Total downloads: 446

Release notes 

Mahara 1.3.4 Release Notes

This is a stable release of Mahara 1.3. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:

This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.

Changes from 1.3.3:

 * Blogs get deleted without sesskey check (CVE 2011-0440)
 * XSS in select box validation (CVE 2011-0439)
 * Leap2A fixes
 * Fix for out of memory errors


View the full changelog

Add some missing tinymce language packs
Check whether the export directory exists in export cleanup cron (bug #685633)
Ensure that usernames are lowercased during login attempt (bug #684425)
Fix for out of memory errors in rebuild_artefact_parent_cache_complete
Check sesskey when deleting blogs (bug #676336)
Escape error message in select box validation (bug #710428)
LEAP2A: workaround for exports that contain a wrong namespace due to a bug
introduced during the update to LEAP2A 2010-07 (bug #673434)

0 blueprints and 5 bugs targeted

Bug report Importance Assignee Status
673434 #673434 leap2a exports fail to import properly 3 High Penny Leach  10 Fix Released
676336 #676336 Blogs get deleted without sesskey check 3 High Richard Mansfield  10 Fix Released
710428 #710428 XSS in select box validation 3 High Richard Mansfield  10 Fix Released
684425 #684425 remote username doesn't lowercase usernames 5 Low Andrew Nicols  10 Fix Released
685633 #685633 export_cleanup_old_exports cron causes exception and long-running cron if export directory doesn't exist 5 Low Andrew Nicols  10 Fix Released
This milestone contains Public information
Everyone can see this information.