Mahara 1.4.1
Milestone information
- Project:
- Mahara
- Series:
- 1.4
- Version:
- 1.4.1
- Released:
- Registrant:
- François Marier
- Release registered:
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 1 Andrew Nicols, 1 Darryl Hamilton, 1 Eugene, 1 François Marier, 4 Hugh Davenport, 1 Iñaki Arenaza, 4 Melissa Draper, 10 Richard Mansfield, 2 Ruslan Kabalin
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 25 Fix Released
Download files for this release
Release notes
Mahara 1.4.1 Release Notes
This is a stable release of Mahara 1.4. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:
https:/
This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.
Changes from 1.4.0:
* XSS in unvalidated URI attributes (CVE-2011-2771)
* Information disclosure exposing private messages (CVE-2011-2774)
* DoS via invalid or excessively large images (CVE-2011-2773)
* CSRF to trick admins into adding a user to an institution (CVE-2011-2773)
* Fix broken links on export page
* Fix problems with blog, plan and comment pagination, and comment deletion
* Fix embedding issues with google docs and multimedia content
* Fix issues preventing tinymce and pieforms javascript loading for text areas
* Fix fatal errors for collections and image galleries
* Fix issues with settings for search plugin and mail preferences
* Ensure that bulk imported users are forced to change passwords
