Skip to main content

Moodle 4.2.1

Unsupported Moodle Version
This version of Moodle is no longer supported for general bug fixes.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 12 June 2023

Here is the full list of fixed issues in 4.2.1.

General fixes and improvements

  • MDL-75576 - Question bank statistics are fetched inefficiently
  • MDL-75623 - Encode pluginfile.php urls in backup
  • MDL-73138 - & (ampersand) is displayed as & in group and role names in the participants list filter
  • MDL-75552 - Badgr.com is not working because the apiBase in badgeconnect.json is ignored
  • MDL-77791 - File search areas for database activity entries need to index using the content id
  • MDL-78087 - The H5P Timeline activity is not displayed
  • MDL-78010 - Improve performance/information for the labels upgrade in MDL-77612
  • MDL-78047 - Links with a new line in Text and media area aren't displayed within the text box
  • MDL-77997 - Regression: can no longer download a single question in Moodle XML format when previewing it
  • MDL-76936 - Activity dates not reflecting in the course page after resetting course start date
  • MDL-78346 - langimport can accidentally uninstall all languages
  • MDL-78260 - Statistics for Random quiz questions: View details link broken
  • MDL-78151 - The setGregorianChange() error appears on the profile page when the Kyiv time zone is selected.
  • MDL-78065 - TinyMCE link icon doesn't work correctly
  • MDL-77451 - Quick switching between selectors throws exception
  • MDL-77766 - Multi-choice and True-false labelling need to respect showstandardinstruction setting
  • MDL-76903 - Hidden final page in Book prevents activity completion
  • MDL-76693 - Activity Chooser - Activity Summary content overlap/scroll issue
  • MDL-73331 - Accessibility toolkit advanced page update for page flow issues
  • MDL-75696 - Errors when restoring pre-4.0 quiz backups
  • MDL-77933 - Dynamic registration should return site name and logo
  • MDL-77987 - Backup is timing out for huge courses with a lot of files to annotate
  • MDL-77883 - Themes: Error message display for text area field client side form validation is not reliably updated
  • MDL-76835 - Unordered lists indented incorrectly in the web page and the Atto editor
  • MDL-77546 - Fix the sorting order of the items in the grade items selector in Single view report
  • MDL-78125 - Feedback Modal not showing on quiz - Embedded answers (Cloze)
  • MDL-76344 - Course image "non image file" should not be displayed on the left like image file
  • MDL-78052 - Upgrade Font Awesome Library to 6.4.0
  • MDL-78094 - Soap protocol broken in Moodle 4.2
  • MDL-78054 - Encrypted mobile notifications: payload can be encrypted several times
  • MDL-78242 - Inconsistent coursecontact checking can lead to PHP notices during plugin installation
  • MDL-78176 - Drag and drop onto image/Drag and drop markers create question: Theme oddity in Preview section
  • MDL-78149 - Database: Separate groups database - can't switch groups if the group has no entries.
  • MDL-78152 - No editing button for students in book with the right to create new chapters in boost
  • MDL-77810 - Grade summary: plugin types not translated
  • MDL-77781 - Course Reset: course_modules_viewed entries not deleted
  • MDL-78023 - tool_policy in Moodle 4.1.2: Spreadsheet (CSV/XLSX/ODT) download in some cases not working
  • MDL-78364 - Calculate custom report schedule users earlier
  • MDL-78006 - Activity chooser opens twice in the newly added sections (4.2 regression)
  • MDL-78034 - Multilanguage group names displayed incorrectly on BigBlueButton module
  • MDL-78026 - Multilang filter is not applied when creating calendar events
  • MDL-78007 - Tiny editor missing media buttons when teacher is commenting on quiz attempt
  • MDL-78170 - Glossary ratings average is not calculated properly using MSSQL database
  • MDL-78378 - Survey activity: Instructions for all three types of surveys are missing (M4.1 & M4.2)
  • MDL-77313 - Course restore searching is broken

For developers

  • MDL-78308 - preg_match(): Passing null to parameter #2 ($subject) when configuring custom menu items (PHP 8.1)
  • MDL-77995 - Building JS modules with Grunt doesn't work if dirroot contains "/src"
  • MDL-77733 - Enable accessibility tests by default during Behat init
  • MDL-77799 - REST web service request exceptions are not included in server logs
  • MDL-76971 - Finish removing requires of externallib.php from Report builder

Security improvements

  • MDL-78225 - Content bank is leaking user sesskey when switching contexts
  • MDL-77320 - License manager leaks sesskey when creating new license
  • MDL-76688 - Add \ExplSyntaxOn to latex deny-list to prevent LaTeX3 programming syntax

Security fixes

  • MSA-23-0016 - XSS risk on groups page
  • MSA-23-0017 - Minor SQL injection risk on Mnet SSO access control page
  • MSA-23-0018 - SSRF risk due to insufficient check on the cURL blocked hosts list