Skip to main content

Moodle 3.10.7

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 13 September 2021

Here is the full list of fixed issues in 3.10.7.

General fixes and improvements

  • MDL-70176 - Forum Grading Does Not Respect Separate Groups Filter
  • MDL-71121 - Default settings async course backup
  • MDL-49202 - Checking "Hidden" in grade item settings does not hide the item from student, at the same time selecting "Hide" from dropdown on the setup page does
  • MDL-72242 - Missing SVG files in forum posts
  • MDL-70376 - Assignment - Annotated PDF Download issues when page is turned
  • MDL-72312 - PHP 7.2 tests failing in 3.10 & 3.9, caused by buggy php-igbinary extension
  • MDL-71500 - Cannot select a date on the right hand side 3 month mini calendar, after previously selecting one
  • MDL-69451 - moodle_read_slave_trait: restore temptables object when creating rw and ro handles
  • MDL-72033 - User tours: step placement issues if screen too narrow
  • MDL-71973 - Exception thrown when evaluating disabled models from the CLI
  • MDL-70006 - Suspended enrolment will get analytics messages
  • MDL-70165 - Unable to change user role in a new course
  • MDL-70433 - In gradebook titles, ampersand '&' is being displayed as & amp;
  • MDL-71050 - H5P does not use the correct language
  • MDL-72265 - Backup code added in MDL-56310 incorrectly checks moodle/role:safeoverride for users who already have moodle/role:override
  • MDL-67833 - Text run over on Lang customization screen
  • MDL-72035 - Course completion report Excel download should include BOM to ensure correct character encoding
  • MDL-71945 - Bulk releasing grades for anonymous submissions pushes them to gradebook
  • MDL-71844 - Navigation breadcrumbs lost when running single task
  • MDL-71487 - Setting filesize settings to huge values breaks settings pages/search
  • MDL-72207 - Webservice mod_assign_get_submission_status doesn't support "All participants"
  • MDL-71029 - Forum summary report multiplies counts by number of enrollments a user has
  • MDL-72271 - Clicking "Finish Review" after a quiz set to Full screen popup with JavaScript security results in a 404 to /mod/quiz/0 if not in a popup window
  • MDL-72325 - sitepolicynotagreed popup appears when trying to start a user tour
  • MDL-72153 - Privacy export of user data doesn't export description files correctly/triggers debugging
  • MDL-72106 - Error being displayed after deleting calendar subscription

Accessibility improvements

  • MDL-68639 - Atto produces invalid nested unordered (UL) lists
  • MDL-72286 - Atto plugin steals default submit action so enter key in other fields no longer submits the form
  • MDL-71674 - Atto editor's insert image dialog boxes do not show all error messages
  • MDL-71656 - Add meaningful label to colour items in colour chooser elements
  • MDL-72206 - Insufficient colour contrast in warning messages in environment check
  • MDL-71814 - Atto: File picker – file info panel focus issue

Security improvements

  • MDL-72014 - Update grunt and some components to avoid some security reports
  • MDL-72187 - Log visibility change of log stores

Security fixes

  • MSA-21-0032 Session Hijack risk when Shibboleth authentication is enabled
  • MSA-21-0033 Course participants download did not restrict which users could be exported
  • MSA-21-0034 Authentication bypass risk when using external database authentication
  • MSA-21-0035 Arbitrary file read by site administrators via LaTeX preamble
  • MSA-21-0036 Quiz unreleased grade disclosure via web service