Skip to main content

Moodle 3.5.7

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 8 July 2019

Here is the full list of fixed issues in 3.5.7.

Fixes and improvements

  • MDL-58315 - Boost theme no longer ignores HTML block custom classes
  • MDL-65581 - Hidden blocks can once again be unhidden
  • MDL-65249 - Redis cache store correctly displays exception after failed connections

Security fixes and improvements

Security fixes

  • MSA-19-0013 Missing sesskey (CSRF) token in loading/unloading XML files
  • MSA-19-0014 Ability to delete glossary entries that belong to another glossary
  • MSA-19-0015 Quiz group overrides did not observe groups membership or accessallgroups
  • MSA-19-0016 Assignment group overrides did not observe separate groups mode
  • MSA-19-0017 Upgrade TCPDF library for PHP 7.3 and bug fixes (upstream)

Security improvements

The following bug fixes or improvements were made, which contribute to improving security or privacy best practices:

  • MDL-60347 - SMTP debugging now also requires developer level debugging messages to be enabled before being displayed. Although SMTP debugging is not intended for production site use, this provides an additional fallback measure to prevent verbose debugging from being unintentionally being visible to users.