Skip to main content

Moodle 4.0.4

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 12 September 2022

Here is the full list of fixed issues in 4.0.4.

General fixes and improvements

  • MDL-75092 - Links for selecting all/none checkboxes lost from backup/import/restore pages (Course reuse)
  • MDL-71662 - Add group-filter to H5P-activity attempts report
  • MDL-70480 - get_user_submission susceptible to race condition resulting in invalid DB state
  • MDL-75199 - BigBlueButton is a blocker in upgrade to 4.0
  • MDL-74770 - Grader report: Unable to sort using custom profile fields
  • MDL-74873 - Notification preferences should disable controls if user disabled all notifications before
  • MDL-73685 - Error on /admin/roles/admins.php if email removed from identity fields
  • MDL-74901 - extend_navigation_frontpage now relies on the user having course:update capabilites to view the secondary navigation
  • MDL-68717 - Upcoming events block doesn't remove completed activities
  • MDL-74969 - When short forms are disabled the sections headers change style
  • MDL-75311 - Error when send report schedules by schedule task manager
  • MDL-74749 - Import recording button shown when feature disabled in BigBlueButton
  • MDL-75040 - Course completion details page contains incorrect course navigation

Security fixes

  • MSA-22-0023 - Stored XSS and page denial of service risks due to recursive rendering in Mustache template helpers
  • MSA-22-0024 - Remote code execution risk when restoring malformed backup file from Moodle 1.9
  • MSA-22-0025 - Minor SQL injection risk in admin user browsing
  • MSA-22-0026 - No groups filtering in H5P activity attempts report