Mahara

Mahara 1.6.3

Milestone information

Project:: Mahara

Series:: 1.6

Version:: 1.6.3

Released:: 2013-02-15

Registrant:: Melissa Draper

Release registered:: 2013-02-15

Active:: No. Drivers cannot target bugs and blueprints to this milestone.

Download RDF metadata

Activities

Assigned to you:: No blueprints or bugs assigned to you.

Assignees:: 2 Aaron Wells, 3 Melissa Draper, 1 Ruslan Kabalin, 1 Son Nguyen

Blueprints:: No blueprints are targeted to this milestone.

Bugs:: 9 Fix Released

Download files for this release

Release notes

Mahara 1.6.3 Release Notes

This is a stable release of Mahara 1.6. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:

https://bugs.launchpad.net/mahara/+filebug

This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.

Changes from 1.6.2:

* flowplayer: Updating flowplayer with custom build to disallow absolute URLs in config parameters
* internalmedia/lib.php: Changing flowplayer invocation to only use relative URLs
* Remove 'safe' function from template to prevent xss (Bug #1091764)
* Remove the wwwroot from redirect url concatenation (Bug #1113180)
* Remove the default theme collection nav template (Bug #1115832)
* Display plain editor if the 'HTML editor' option is disabled
* Additional processing fixes for rss to avoid fatal errors (Bug #1081431)
* Fix double encoding of & in 'url' for a pagination (Bug #1090203)
* Fix pagination double encoding (bug #1089282)
* Fix regression in user link display for feedback (Bug #1085569)
* Remove useragent from sso session check (Bug #1082416)

Changelog

View the full changelog

flowplayer: Updating flowplayer with custom build to disallow absolute URLs in config parameters
internalmedia/lib.php: Changing flowplayer invocation to only use relative URLs
Remove 'safe' function from template to prevent xss (Bug #1091764)
Remove the wwwroot from redirect url concatenation (Bug #1113180)
Remove the default theme collection nav template (Bug #1115832)
Display plain editor if the 'HTML editor' option is disabled
Additional processing fixes for rss to avoid fatal errors (Bug #1081431)
Fix double encoding of & in 'url' for a pagination (Bug #1090203)
Fix pagination double encoding (bug #1089282)
Fix regression in user link display for feedback (Bug #1085569)
Remove useragent from sso session check (Bug #1082416)

0 blueprints and 9 bugs targeted

Bug report			Importance	Assignee	Status
1089282	#1089282	Pagination links are broken due to encoding of encoded ampersands	3 High	Ruslan Kabalin	10 Fix Released
1090203	#1090203	Double encoding of & in 'url' for pagination causes pagination links to be broken	3 High	Son Nguyen	10 Fix Released
1091764	#1091764	Cross site Scripting(XSS) Vulnerability in Mahara 1.6	3 High	Aaron Wells	10 Fix Released
1113180	#1113180	Delete Wall Post Throws 404 Error	3 High	Melissa Draper	10 Fix Released
1115832	#1115832	collection navigation links break after "show more" with cleanurls	3 High	Melissa Draper	10 Fix Released
1082416	#1082416	XMLRPC with Firefox 17.0 not possible	1 Undecided		10 Fix Released
1085569	#1085569	Link to user profile takes on comment ID	1 Undecided	Melissa Draper	10 Fix Released
1097788	#1097788	forum next page link	1 Undecided		10 Fix Released
1103748	#1103748	included flowplayer 3.2.7 is vulnerable	1 Undecided	Aaron Wells	10 Fix Released

Related milestones and releases

This milestone contains Public information

Everyone can see this information.