Skip to main content

Moodle 3.11.5

Unsupported Moodle Version
This version of Moodle is no longer supported for general bug fixes.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 17 January 2022

Here is the full list of fixed issues in 3.11.5.

General fixes and improvements

  • MDL-68944 - Workshop skips scheduled allocation
  • MDL-69467 - H5P attempts not recorded when multiple users have same email address
  • MDL-69496 - mod_quiz: Or all available attempts completed setting value lost
  • MDL-68773 - Adhoc tasks for backup and restore are stuck in endless fail delay loop
  • MDL-59115 - OAuth2 does not pass in all user mapped settings into new account
  • MDL-72796 - retry interval in milliseconds for redis session cache is far too high
  • MDL-72791 - Custom course field content for new course not found in global search
  • MDL-72443 - SVG files do not support the preview mode
  • MDL-72716 - You should not be able to add more than one instance of most blocks to your Dashboard
  • MDL-72925 - Forum grading separate group filter shows discussion topics in the other groups
  • MDL-73414 - Impossible to turn on only "Enable web services" from site admin page
  • MDL-73189 - File upload limits not always enforced if there are many simultaneous uploads in progress
  • MDL-69061 - Lack of files reported during upgrade to 3.9 when $CFG->admin differs from 'admin'
  • MDL-73046 - HTML5 video in the mediaplugin fails when using .MOV files
  • MDL-72988 - PHP Notices detected in web server logs (mod_lti)
  • MDL-72966 - File upload: Uncaught TypeError from JavaScript when uploading a single file
  • MDL-73195 - mod_url: Error makes course/view.php unreachable if an invalid URL is saved
  • MDL-73207 - $CFG->scheduled_tasks has incorrect order for dayofweek and months in cron spec
  • MDL-72701 - Expand unit test coverage defaults
  • MDL-73128 - Image caption warning for external badges
  • MDL-73155 - Essay qtype: Error message is displayed when Allow attachments field is reset to 'No'
  • MDL-73256 - Disabling "Require email verification" doesn't persist properly the first time
  • MDL-73086 - User profile fields are broken when having uppercase in shortname
  • MDL-73153 - External badge image not displayed in some cases
  • MDL-72992 - Cannot enter feedback from grader report when feedback was previously deleted from assign grader
  • MDL-72785 - Can't delete course category
  • MDL-73176 - JS exception filtering course participants for keyword containing quotes
  • MDL-73402 - Admin bookmarks block is too aggressive at cleaning bookmarked section
  • MDL-72870 - Quiz attempt navigation buttons misaligned
  • MDL-73039 - Double encoding of site/course name in course download
  • MDL-73140 - Badly formatted lists in the grade history report
  • MDL-72982 - Data request email breaks organisation signature
  • MDL-61671 - Admin mobile certificate check can return errors on valid certificate
  • MDL-72789 - Improve filtering by component in eventlist report
  • MDL-72908 - Purge all caches only purges the selected cache if selected
  • MDL-73074 - Course autocomplete duplicated in report condition/filter
  • MDL-73255 - User Participants filter leaves invalid group filter row if no groups are present

Accessibility improvements

  • MDL-70274 - The WCAG (cynthia.exe) validator links in the footer is no longer available
  • MDL-73026 - Focus outline for modal close button is clipped and has insufficient colour contrast
  • MDL-70721 - Need a Mustache helper method for html entities
  • MDL-73142 - File extension in Essay accepted file type list is failing accessibility color contrast limits

For developers

  • MDL-73175 - Add behat generators for glossary entries and categories
  • MDL-73202 - Add behat generators for forum discussions and posts
  • MDL-72846 - Create default block generator for testing
  • MDL-73269 - Add PHP version and required/optional extensions to composer.json

Security improvements

  • MDL-72096 - New helper function for cleaning SQL ORDER BY clauses
  • MDL-73295 - sesskey is exposed in url for /user/managetoken.php

Security fixes

  • MSA-22-0001 SQL injection risk in code fetching h5p activity user attempts
  • MSA-22-0002 calendar:manageentries capability allows CRUD access to all calendar events
  • MSA-22-0003 Capability gradereport/user:view not always respected when navigating to a user's course grade report
  • MSA-22-0004 CSRF risk in badge alignment deletion

Translations