Mahara 1.6.3

Milestone information

Project:
Mahara
Series:
1.6
Version:
1.6.3
Released:
2013-02-15  
Registrant:
Melissa Draper
Release registered:
2013-02-15
Active:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata

Activities

Assigned to you:
No blueprints or bugs assigned to you.
Assignees:
2 Aaron Wells, 3 Melissa Draper, 1 Ruslan Kabalin, 1 Son Nguyen
Blueprints:
No blueprints are targeted to this milestone.
Bugs:
9 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon mahara-1.6.3.zip (md5, sig) release tarball 2,767
last downloaded 10 weeks ago
download icon mahara-1.6.3.tar.bz2 (md5, sig) release tarball 237
last downloaded 19 weeks ago
download icon mahara-1.6.3.tar.gz (md5, sig) release tarball 526
last downloaded 30 weeks ago
Total downloads: 3,530

Release notes 

Mahara 1.6.3 Release Notes

This is a stable release of Mahara 1.6. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:

https://bugs.launchpad.net/mahara/+filebug

This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.

Changes from 1.6.2:

 * flowplayer: Updating flowplayer with custom build to disallow absolute URLs in config parameters
 * internalmedia/lib.php: Changing flowplayer invocation to only use relative URLs
 * Remove 'safe' function from template to prevent xss (Bug #1091764)
 * Remove the wwwroot from redirect url concatenation (Bug #1113180)
 * Remove the default theme collection nav template (Bug #1115832)
 * Display plain editor if the 'HTML editor' option is disabled
 * Additional processing fixes for rss to avoid fatal errors (Bug #1081431)
 * Fix double encoding of & in 'url' for a pagination (Bug #1090203)
 * Fix pagination double encoding (bug #1089282)
 * Fix regression in user link display for feedback (Bug #1085569)
 * Remove useragent from sso session check (Bug #1082416)

Changelog 

View the full changelog

flowplayer: Updating flowplayer with custom build to disallow absolute URLs in config parameters
internalmedia/lib.php: Changing flowplayer invocation to only use relative URLs
Remove 'safe' function from template to prevent xss (Bug #1091764)
Remove the wwwroot from redirect url concatenation (Bug #1113180)
Remove the default theme collection nav template (Bug #1115832)
Display plain editor if the 'HTML editor' option is disabled
Additional processing fixes for rss to avoid fatal errors (Bug #1081431)
Fix double encoding of & in 'url' for a pagination (Bug #1090203)
Fix pagination double encoding (bug #1089282)
Fix regression in user link display for feedback (Bug #1085569)
Remove useragent from sso session check (Bug #1082416)

0 blueprints and 9 bugs targeted

Bug report Importance Assignee Status
1089282 #1089282 Pagination links are broken due to encoding of encoded ampersands 3 High Ruslan Kabalin  10 Fix Released
1090203 #1090203 Double encoding of & in 'url' for pagination causes pagination links to be broken 3 High Son Nguyen  10 Fix Released
1091764 #1091764 Cross site Scripting(XSS) Vulnerability in Mahara 1.6 3 High Aaron Wells  10 Fix Released
1113180 #1113180 Delete Wall Post Throws 404 Error 3 High Melissa Draper  10 Fix Released
1115832 #1115832 collection navigation links break after "show more" with cleanurls 3 High Melissa Draper  10 Fix Released
1082416 #1082416 XMLRPC with Firefox 17.0 not possible 1 Undecided   10 Fix Released
1085569 #1085569 Link to user profile takes on comment ID 1 Undecided Melissa Draper  10 Fix Released
1097788 #1097788 forum next page link 1 Undecided   10 Fix Released
1103748 #1103748 included flowplayer 3.2.7 is vulnerable 1 Undecided Aaron Wells  10 Fix Released
This milestone contains Public information
Everyone can see this information.