Skip to main content

Moodle 3.11.5

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 17 January 2022

Here is the full list of fixed issues in 3.11.5.

General fixes and improvements

  • MDL-68944 - Workshop skips scheduled allocation
  • MDL-69467 - H5P attempts not recorded when multiple users have same email address
  • MDL-69496 - mod_quiz: Or all available attempts completed setting value lost
  • MDL-68773 - Adhoc tasks for backup and restore are stuck in endless fail delay loop
  • MDL-59115 - OAuth2 does not pass in all user mapped settings into new account
  • MDL-72796 - retry interval in milliseconds for redis session cache is far too high
  • MDL-72791 - Custom course field content for new course not found in global search
  • MDL-72443 - SVG files do not support the preview mode
  • MDL-72716 - You should not be able to add more than one instance of most blocks to your Dashboard
  • MDL-72925 - Forum grading separate group filter shows discussion topics in the other groups
  • MDL-73414 - Impossible to turn on only "Enable web services" from site admin page
  • MDL-73189 - File upload limits not always enforced if there are many simultaneous uploads in progress
  • MDL-69061 - Lack of files reported during upgrade to 3.9 when $CFG->admin differs from 'admin'
  • MDL-73046 - HTML5 video in the mediaplugin fails when using .MOV files
  • MDL-72988 - PHP Notices detected in web server logs (mod_lti)
  • MDL-72966 - File upload: Uncaught TypeError from JavaScript when uploading a single file
  • MDL-73195 - mod_url: Error makes course/view.php unreachable if an invalid URL is saved
  • MDL-73207 - $CFG->scheduled_tasks has incorrect order for dayofweek and months in cron spec
  • MDL-72701 - Expand unit test coverage defaults
  • MDL-73128 - Image caption warning for external badges
  • MDL-73155 - Essay qtype: Error message is displayed when Allow attachments field is reset to 'No'
  • MDL-73256 - Disabling "Require email verification" doesn't persist properly the first time
  • MDL-73086 - User profile fields are broken when having uppercase in shortname
  • MDL-73153 - External badge image not displayed in some cases
  • MDL-72992 - Cannot enter feedback from grader report when feedback was previously deleted from assign grader
  • MDL-72785 - Can't delete course category
  • MDL-73176 - JS exception filtering course participants for keyword containing quotes
  • MDL-73402 - Admin bookmarks block is too aggressive at cleaning bookmarked section
  • MDL-72870 - Quiz attempt navigation buttons misaligned
  • MDL-73039 - Double encoding of site/course name in course download
  • MDL-73140 - Badly formatted lists in the grade history report
  • MDL-72982 - Data request email breaks organisation signature
  • MDL-61671 - Admin mobile certificate check can return errors on valid certificate
  • MDL-72789 - Improve filtering by component in eventlist report
  • MDL-72908 - Purge all caches only purges the selected cache if selected
  • MDL-73074 - Course autocomplete duplicated in report condition/filter
  • MDL-73255 - User Participants filter leaves invalid group filter row if no groups are present

Accessibility improvements

  • MDL-70274 - The WCAG (cynthia.exe) validator links in the footer is no longer available
  • MDL-73026 - Focus outline for modal close button is clipped and has insufficient colour contrast
  • MDL-70721 - Need a Mustache helper method for html entities
  • MDL-73142 - File extension in Essay accepted file type list is failing accessibility color contrast limits

For developers

  • MDL-73175 - Add behat generators for glossary entries and categories
  • MDL-73202 - Add behat generators for forum discussions and posts
  • MDL-72846 - Create default block generator for testing
  • MDL-73269 - Add PHP version and required/optional extensions to composer.json

Security improvements

  • MDL-72096 - New helper function for cleaning SQL ORDER BY clauses
  • MDL-73295 - sesskey is exposed in url for /user/managetoken.php

Security fixes

  • MSA-22-0001 SQL injection risk in code fetching h5p activity user attempts
  • MSA-22-0002 calendar:manageentries capability allows CRUD access to all calendar events
  • MSA-22-0003 Capability gradereport/user:view not always respected when navigating to a user's course grade report
  • MSA-22-0004 CSRF risk in badge alignment deletion