Skip to main content

Moodle 3.6.5

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 8 July 2019

Here is the full list of fixed issues in 3.6.5.

Fixes and improvements

  • MDL-59650 - Calendar export no longer limited to 40 events
  • MDL-64935 - Jump to dropdown menu no longer overlaps before / next activity links
  • MDL-58315 - Boost theme no longer ignores HTML block custom classes
  • MDL-53778 - Quiz with activity completion 'Or all available attempts completed' no longer possible with unlimited attempts
  • MDL-65101 - Users with capability moodle/site:messageanyuser are no longer restricted from messaging users with 'My contacts only' messaging privacy enabled
  • MDL-65581 - Hidden blocks can once again be unhidden
  • MDL-65249 - Redis cache store correctly displays exception after failed connections
  • MDL-65084 - Recently accessed items block no longer attempts to load items from deleted courses
  • MDL-57729 - Ampersand in site title no longer breaks LTI provider cartridge XML
  • MDL-55821 - The individual assignment grading page when using marking workflow and rubrics now displays the current gradebook grade
  • MDL-65696 - PDF annotation comments no longer expand unexpectedly
  • MDL-64784 - Enrolled users list sort order no longer changes after adding or removing a user
  • MDL-55197 - Multi-lang filter no longer ignores 'en' parent language
  • MDL-65829 - Enrolments whose start date is after the analytics analysis start time are no longer discarded
  • MDL-65641 - Texts in Moodle format remain in the same format when edited
  • MDL-65839 - Improved memory usage of analytics evaluation and initial training processes
  • MDL-65326 - Restore process no longer fails if a capability it is attempting to assign does not exist
  • MDL-65665 - Quick reply now respects subscribe on reply user preference
  • MDL-65814 - Item counts for action events are now shown in the timeline block
  • MDL-65901 - Forum advanced search form styling improvements
  • MDL-65634 - Analytics 'students at risk' models now discard user enrolments whose start and end dates fall outside of the analysed time interval
  • MDL-65297 - Atto 'Manage files' now detects filenames containing a hash symbol (#)
  • MDL-65606 - Database activity unapproved entries are once again highlighted

Security fixes and improvements

Security fixes

  • MSA-19-0013 Missing sesskey (CSRF) token in loading/unloading XML files
  • MSA-19-0014 Ability to delete glossary entries that belong to another glossary
  • MSA-19-0015 Quiz group overrides did not observe groups membership or accessallgroups
  • MSA-19-0016 Assignment group overrides did not observe separate groups mode
  • MSA-19-0017 Upgrade TCPDF library for PHP 7.3 and bug fixes (upstream)

Security improvements

The following bug fixes or improvements were made, which contribute to improving security or privacy best practices:

  • MDL-60347 - SMTP debugging now also requires developer level debugging messages to be enabled before being displayed. Although SMTP debugging is not intended for production site use, this provides an additional fallback measure to prevent verbose debugging from being unintentionally being visible to users.

See also