Skip to main content

Moodle 2.0.2

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 21st February 2011


  • MDL-20617 - Options to show feedback, averages, range and other data in the user report
  • MDL-26109 - All standard blocks have option to dock
  • MDL-25616 - Recent messages and recent notifications interfaces

Performance improvements

  • MDL-17201 - Add index on user_info_data
  • MDL-25669 - fix_course_sortorder() does way too many UPDATE queries
  • MDL-25837 - disasterous caching bug in course_overview block
  • MDL-22970 - Glossary import displays too many items in recent activity
  • MDL-25677 - Differences between upgraded and installed sites detected in blocks subsystem
  • MDL-24125 - Add in-memory cache of admin_category child objects


  • MDL-25501 - Wikis with pages with the same title now upgrade from 1.9
  • MDL-25932 - Upgrade fails for wikis with the same title
  • MDL-25850 - Scorm score not checking for mod/scorm:viewscores
  • MDL-25215 - File extension lost when using "Save As" field
  • MDL-26071 - Upgrade fails when adding fields to tag_instance table
  • MDL-26236 - Random essay questions give error
  • MDL-25321 - sqlsrv_native's limit_to_top_n function destroys queries
  • MDL-25626 - Error in "Course completion status" block
  • MDL-25863 - Automated course backup function duplicates old versions when saved to non-default location
  • MDL-26098 - Manual grading pop-up is confused between id and uniqueid
  • MDL-25841 - Cloze question feedback appears in the wrong place
  • MDL-26299 - Numerical questions units handling setting reverts to default upon editing

And many more ... see the full list of bug fixes and improvements in 2.0.2.

Security issues

  • MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete
  • MSA-11-0004 $CFG->forceloginforprofiles setting ignored in course profiles
  • MSA-11-0005 Cross-site scripting vulnerability in spikephpcoverage
  • MSA-11-0006 Cross-site request forgery and missing access control in course completion
  • MSA-11-0007 Cross-site scripting vulnerability in course tags
  • MSA-11-0008 IMS enterprise enrolment file may disclose sensitive information
  • MSA-11-0009 My profile block may disclose private information if used in user context
  • MSA-11-0010 Incorrect default for moodle/course:delete capability in teacher role
  • MSA-11-0011 Multiple cross-site scripting problems in media filter