Mahara 1.6.3
Milestone information
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 2 Aaron Wells, 3 Melissa Draper, 1 Ruslan Kabalin, 1 Son Nguyen
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 9 Fix Released
Download files for this release
Release notes
Mahara 1.6.3 Release Notes
This is a stable release of Mahara 1.6. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:
https:/
This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.
Changes from 1.6.2:
* flowplayer: Updating flowplayer with custom build to disallow absolute URLs in config parameters
* internalmedia/
* Remove 'safe' function from template to prevent xss (Bug #1091764)
* Remove the wwwroot from redirect url concatenation (Bug #1113180)
* Remove the default theme collection nav template (Bug #1115832)
* Display plain editor if the 'HTML editor' option is disabled
* Additional processing fixes for rss to avoid fatal errors (Bug #1081431)
* Fix double encoding of & in 'url' for a pagination (Bug #1090203)
* Fix pagination double encoding (bug #1089282)
* Fix regression in user link display for feedback (Bug #1085569)
* Remove useragent from sso session check (Bug #1082416)
Changelog
0 blueprints and 9 bugs targeted
Bug report | Importance | Assignee | Status | |||
---|---|---|---|---|---|---|
1089282 | #1089282 | Pagination links are broken due to encoding of encoded ampersands | 3 High | Ruslan Kabalin | 10 Fix Released | |
1090203 | #1090203 | Double encoding of & in 'url' for pagination causes pagination links to be broken | 3 High | Son Nguyen | 10 Fix Released | |
1091764 | #1091764 | Cross site Scripting(XSS) Vulnerability in Mahara 1.6 | 3 High | Aaron Wells | 10 Fix Released | |
1113180 | #1113180 | Delete Wall Post Throws 404 Error | 3 High | Melissa Draper | 10 Fix Released | |
1115832 | #1115832 | collection navigation links break after "show more" with cleanurls | 3 High | Melissa Draper | 10 Fix Released | |
1082416 | #1082416 | XMLRPC with Firefox 17.0 not possible | 1 Undecided | 10 Fix Released | ||
1085569 | #1085569 | Link to user profile takes on comment ID | 1 Undecided | Melissa Draper | 10 Fix Released | |
1097788 | #1097788 | forum next page link | 1 Undecided | 10 Fix Released | ||
1103748 | #1103748 | included flowplayer 3.2.7 is vulnerable | 1 Undecided | Aaron Wells | 10 Fix Released |