Mahara 1.9.5

Milestone information

Project:
Mahara
Series:
1.9
Version:
1.9.5
Released:
2015-04-20  
Registrant:
Aaron Wells
Release registered:
2015-04-20
Active:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata

Activities

Assigned to you:
No blueprints or bugs assigned to you.
Assignees:
1 Aaron Wells, 5 Robert Lyon
Blueprints:
No blueprints are targeted to this milestone.
Bugs:
28 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon mahara-1.9.5.zip (md5, sig) release tarball 32
last downloaded 17 weeks ago
download icon mahara-1.9.5.tar.bz2 (md5, sig) release tarball 10
last downloaded 10 weeks ago
download icon mahara-1.9.5.tar.gz (md5, sig) release tarball 10
last downloaded 23 weeks ago
Total downloads: 52

Release notes 

Mahara 1.9.5 Release Notes

This is a stable release of Mahara 1.9. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:

https://bugs.launchpad.net/mahara/+filebug

This release includes an upgrade path from 1.1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.

Changelog 

View the full changelog

Changes from 1.9.4:

 * Bug #1190788 Can cause arbitrary SWF files to execute in the browser
 * Bug #1364170 Parent auth fails due to mixed case checking
 * Bug #1387858 Draft journal entries are visible to others
 * Bug #1404117 XSS via uploaded XML
 * Bug #1432635 Changing view layout causes block removal
 * Bug #1432641 Changing view layout causes an error
 * Bug #1435750 Google URLs changes
 * Bug #1439194 Notes and attached files
 * Bug #1440908 Clicking 'more' in friend request is not working
 * Bug #1286935 Allowed iframe check doesn't handle URLs with a question mark immediately after the domain name\
 * Bug #1348024 users can stay logged into suspended institution
 * Bug #1360050 IMAP language string for 'Port' is missing
 * Bug #1390833 File attachments aren't copied when note is copied
 * Bug #1392700 Images not displayed - blog post by tag
 * Bug #1397068 Flickr API now requires use of https for endpoint
 * Bug #1399311 SQL syntax error in cron_event_log_expire on key word SECONDS
 * Bug #1414474 Sub navigation background color not used for sub navigation
 * Bug #1425306 Users can delete submitted page through URL
 * Bug #1428266 Missing page description when export/import via Leap2a
 * Bug #1429647 Watchlist lets you watch and receive notifications about pages you don't have view access to
 * Bug #1429871 Link underlining in skins doesn't work
 * Bug #1436841 Add External Media - YouTube Video
 * Bug #1400511 Cannot cancel comment form after validation fails
 * Bug #1410953 Warnings when access "Account settings" page
 * Bug #1414628 strptime on OS X always returns 0 for tm_wday and tm_yday
 * Bug #1415709 "Deprecated" warning coming from BBCode parser
 * Bug #1422232 elasticsearch - reset and indexing
releasenotes-1.9.5.txt (END)

0 blueprints and 28 bugs targeted

Bug report Importance Assignee Status
1190788 #1190788 Can cause arbitrary SWF files to execute in the browser 3 High   10 Fix Released
1364170 #1364170 Parent auth fails due to mixed case checking 3 High Robert Lyon  10 Fix Released
1387858 #1387858 Draft journal entries are visible to others 3 High   10 Fix Released
1404117 #1404117 XSS via uploaded XML 3 High   10 Fix Released
1417364 #1417364 Remove the check for SQL "from" and "join" from minaccept script 3 High   10 Fix Released
1432635 #1432635 Changing view layout causes block removal 3 High Robert Lyon  10 Fix Released
1432641 #1432641 Changing view layout causes an error 3 High   10 Fix Released
1435750 #1435750 Google URLs changes 3 High   10 Fix Released
1439194 #1439194 Notes and attached files 3 High   10 Fix Released
1440908 #1440908 Clicking 'more' in friend request is not working 3 High   10 Fix Released
1286935 #1286935 Allowed iframe check doesn't handle URLs with a question mark immediately after the domain name 4 Medium   10 Fix Released
1348024 #1348024 users can stay logged into suspended institution 4 Medium   10 Fix Released
1360050 #1360050 IMAP language string for 'Port' is missing 4 Medium   10 Fix Released
1390833 #1390833 File attachments aren't copied when note is copied 4 Medium   10 Fix Released
1392700 #1392700 Images not displayed - blog post by tag 4 Medium   10 Fix Released
1397068 #1397068 Flickr API now requires use of https for endpoint 4 Medium   10 Fix Released
1399311 #1399311 SQL syntax error in cron_event_log_expire on key word SECONDS 4 Medium Aaron Wells  10 Fix Released
1414474 #1414474 Sub navigation background color not used for sub navigation 4 Medium Robert Lyon  10 Fix Released
1425306 #1425306 Users can delete submitted page through URL 4 Medium Robert Lyon  10 Fix Released
1428266 #1428266 Missing page description when export/import via Leap2a 4 Medium   10 Fix Released
1429647 #1429647 Watchlist lets you watch and receive notifications about pages you don't have view access to 4 Medium   10 Fix Released
1429871 #1429871 Link underlining in skins doesn't work 4 Medium   10 Fix Released
1436841 #1436841 Add External Media - YouTube Video 4 Medium Robert Lyon  10 Fix Released
1400511 #1400511 Cannot cancel comment form after validation fails 5 Low   10 Fix Released
1410953 #1410953 Warnings when access "Account settings" page 5 Low   10 Fix Released
1414628 #1414628 strptime on OS X always returns 0 for tm_wday and tm_yday 5 Low   10 Fix Released
1415709 #1415709 "Deprecated" warning coming from BBCode parser 5 Low   10 Fix Released
1422232 #1422232 elasticsearch - reset and indexing 5 Low   10 Fix Released
This milestone contains Public information
Everyone can see this information.