Skip to main content

Moodle 3.10.2

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.
note

For sites upgrading from an earlier version, please upgrade to 3.10.3 and skip this version, as it is affected by an upgrade step which may corrupt calendar events (MDL-71156).

Release date: 8 March 2021

Here is the full list of fixed issues in 3.10.2.

General fixes and improvements

  • MDL-67959 - The default group icon should not be displayed when there is no group picture
  • MDL-67515 - Uninstalled plugin breaks the custom lang tool if it had some strings customised
  • MDL-66979 - Switch all the Behat testing to the new W3C drivers
  • MDL-70535 - VideoJS language doesn't fallback to en
  • MDL-68970 - Pages during a quiz attempt should not be cached, so forwards/back do not lead to errors
  • MDL-57020 - Unable to delete scales which are no longer used
  • MDL-70268 - Dropbox repository requires log on to work - which fails
  • MDL-46256 - count_words returns too few words when dealing with html tags
  • MDL-70048 - Dropbox Search API: /files/search is being retired in favor of /files/search_v2
  • MDL-69867 - Marking workflow display wrong current grade if using scales
  • MDL-70736 - Unable to load Marking Guide Templates
  • MDL-70796 - Moodle word count does not match other software
  • MDL-69101 - Essay question: "Accepted file types" and other new fields are not supported in Moodle XML file
  • MDL-70377 - When reviewing an attempt as a teacher $string['saved') {$a} not replaced
  • MDL-43697 - Archived badges are restored during course restore
  • MDL-70676 - Workshop assessment aspect with no grade is unusable
  • MDL-70631 - Poor performance of zip_packer::extract_to_pathname()
  • MDL-70648 - Editing a calendar event of type category and removing the category results in an error
  • MDL-68958 - Undefined variable: href when creating IMSCP
  • MDL-70339 - Activity chooser does not honour external tool icons
  • MDL-56772 - File picker:Right align table column headers, in RTL mode (theme:boost)
  • MDL-70513 - Quiz manual grading page should warn if you try to leave with unsaved data
  • MDL-70705 - Multilang Filters not applied to Recent blog entries block Blog entry titles
  • MDL-70552 - Notification of submissions are not sent for anonymous feedback
  • MDL-70574 - Cloze multianswer question leaks percentage if with decimal
  • MDL-66932 - Grade percentage display in Gradebook should be LTR, in RTL mode
  • MDL-70585 - Downloaded course content unbrowseable for some activity names
  • MDL-70912 - Cannot access H5P content bank popup in Atto editor within mod_data textarea
  • MDL-70264 - badges/oauth2callback.php should be removed and replaced by admin/oauth2callback.php
  • MDL-67974 - Badge expiry error and missing expired stamp
  • MDL-67494 - Course/activity calendar events are deleted when the teacher who created them requests their data to be deleted
  • MDL-70995 - Group names not formatted in course participants filter
  • MDL-69883 - Unable to scroll beyond 50 conversations in Messages tool
  • MDL-69097 - Language filters aren't correctly applied in "Whole forum grading"

Accessibility improvements

  • MDL-70169 - Login page accessibility issues
  • MDL-70288 - Checkbox and advanced checkbox elements can have duplicate labels
  • MDL-70173 - Dashboard accessibility issues
  • MDL-65390 - Accessibility #11 Content appears above "show more" button
  • MDL-59782 - Question bank highlight of last added question is wrong in boost
  • MDL-70172 - Site home page accessibility issues

Security fixes

  • MSA-21-0006 Stored XSS via ID number user profile field
  • MSA-21-0007 Stored XSS and blind SSRF possible via feedback answer text
  • MSA-21-0008 User full name disclosure within online users block
  • MSA-21-0009 Bypass email verification secret when confirming account registration
  • MSA-21-0010 Fetching a user's enrolled courses via web services did not check profile access in each course
  • MSA-21-0011 JQuery versions below 3.5.0 contain some potential vulnerabilities (upstream)

Translations