Mahara 1.4.3
Milestone information
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 2 Melissa Draper, 1 Son Nguyen
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 3 Fix Released
Download files for this release
Release notes
Mahara 1.4.3 Release Notes
This is a stable release of Mahara 1.4. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:
https:/
This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.
Changes from 1.4.2:
* Json-encode login form when injected by js (bug #1009784)
* Patch XSS vulnerability in Insert/Edit Image in Edit blog (bug #1009784)
* Sanitize links in links and resources menu (bug #1009774)
* Add youtu.be tinyurl to filters
Changelog
View the full changelog
0 blueprints and 3 bugs targeted
| Bug report | Importance | Assignee | Status | |||
|---|---|---|---|---|---|---|
| 1009784 | #1009784 | Javascript login form includes unencoded parameters | 2 Critical | Son Nguyen | 10 Fix Released | |
| 1009774 | #1009774 | Links & resources urls are unsanitised | 3 High | Melissa Draper | 10 Fix Released | |
| 1017464 | #1017464 | Youtube embed codes use youtu.be which isn't in the filters list | 4 Medium | Melissa Draper | 10 Fix Released | |
