Skip to main content

Moodle 3.10.5

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 12 July 2021

Here is the full list of fixed issues in 3.10.5.

General fixes and improvements

  • MDL-68925 - Quicklist items broken and cannot be used in PDF Annotator
  • MDL-65203 - Tab characters in event names produce malformed JSON in mustache template
  • MDL-65637 - Linkedin Authentication Stopped working
  • MDL-67975 - Nextcloud integration should allow the use of aliases to files in repository
  • MDL-55243 - SVG files are images and should be allowed for course images, drag-drop questions, etc.
  • MDL-71126 - Quiz manual grading: page size preference can get stuck at 0
  • MDL-68915 - Forum and Lesson do not allow a change to max grade after a grade has been given
  • MDL-64236 - The content in the Grader report table is partly covered by the scrollbar in RTL mode
  • MDL-67771 - Classic theme - unable to place blocks in Right region of activity modules
  • MDL-71694 - Grade validation failure causes loss of feedback comments
  • MDL-71047 - The cursor position is not correct when paste HTML in Atto editor
  • MDL-71113 - Integrate jsdoc into Grunt and allow for JS Documentation to be generated
  • MDL-70750 - In Survey activity the Response report -> Question doesn't work at all
  • MDL-68747 - ChartJS quiz overview report should display numerical ranges LTR also for RTL languages
  • MDL-71644 - File upload still gets stuck if try to leave page mid-upload
  • MDL-71366 - Checkboxes/Radio Buttons within multiple choice questions become invisible or shrink
  • MDL-72010 - Quiz should use Moodle's mechanism for keeping the session alive
  • MDL-71947 - The indentation of the text must be corrected in the notice of time limit when starting a quiz
  • MDL-71789 - Add mform validation for invalid url when importing a calendar
  • MDL-71971 - In the "Edit quiz" page, don't stick together the "Repaginate" and the "Select multiple items" button
  • MDL-71838 - Quiz overview report runs out of memory with huge courses
  • MDL-71145 - Drag and Drop Marker Question Type: Saves incorrect marker positions or lost markers
  • MDL-71837 - Export Calendar buttons become inactive after pressing 'Export' (as file)
  • MDL-71060 - Duplicates 'Current category' text in edit question form
  • MDL-69703 - Selected potential group member are not highlighted properly
  • MDL-71438 - Block deletion timeouts can occur on large sites

Accessibility improvements

  • MDL-71373 - Localize hard coded aria-label strings in table pagination and role manager
  • MDL-71669 - Menus opened by Atto buttons are announced as dialog box by screen-readers
  • MDL-71813 - File picker – folder view file details not available using keyboard (Enter)
  • MDL-71668 - Atto buttons do not have proper focus indicator

Security fixes

  • MSA-21-0020 SQL injection risk in code fetching enrolled courses
  • MSA-21-0021 SQL injection risk in code fetching recent courses
  • MSA-21-0022 Remote code execution risk when Shibboleth authentication is enabled
  • MSA-21-0023 Recursion denial of service possible due to recursive cURL in file repository
  • MSA-21-0024 Blind SSRF possible against cURL blocked hosts via redirect
  • MSA-21-0025 Messaging web service allows deletion of other users' messages
  • MSA-21-0028 IDOR allows removal of other users' calendar URL subscriptions
  • MSA-21-0029 Stored XSS when exporting to data formats supporting HTML via user ID number
  • MSA-21-0030 Insufficient escaping of users' names in account confirmation email - Note: If you have customised the language string emailconfirmation, you will need to edit the customisation and remove the placeholder {$a->firstname}.
  • MSA-21-0031 Messaging email notifications containing HTML may hide the final line of the email

Translations