Category Archives: Moodle

Make Sure Your Moodle Websites are Up to Date
With our Up to Date? Chrome app you can keep track of the Moodle versions (as well other web apps) on all of the websites you manage in one place, so you can easily check if they are in need of an upgrade.

Need Moodle Upgraded?
We can upgrade your Moodle website for you.

Moodle 2.7.12, 2.8.10, 2.9.4, and 3.0.2 Released

Moodle 2.7.12, 2.8.10, 2.9.4, and 3.0.2 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released in a week.

Update (January 19, 2016): Moodle has now released information on the security issue fixed in the releases. The vulnerabilities fixed are a cross-site scripting  (XSS) vulnerabilitity in all but version 2.7.x and a course visibility vulnerability.

More information is available in the release notes for 2.7.122.8.102.9.4, and 3.0.2.

Posted in Moodle, Security Update | Leave a comment

Moodle 3.0.1 Released

Moodle 3.0.1 was released today. The new version includes support for PHP 7 and several bug fixes.

More information is available in the release notes.

Posted in Moodle | Leave a comment

Moodle 3.0 Released

Moodle 3.0 was released yesterday. The new version includes new questions types, improved plugin upgrading, and more.

More information is available in the release notes.

Posted in Moodle | Leave a comment

Moodle 2.7.11, 2.8.9, and 2.9.3 Released

Moodle 2.7.11, 2.8.9, and 2.9.3 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released in a week.

Update (November 17, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed are two cross-site scripting vulnerabilities.

More information is available in the release notes for 2.7.112.8.9, and 2.9.3.

Posted in Moodle, Security Update | Leave a comment

Moodle 2.7.10, 2.8.8, and 2.9.2 Released

Moodle 2.7.10, 2.8.8, and 2.9.2 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released in a week.

Update (September 21, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a cross-site scripting (XSS) vulnerability and weak password recovery token generation.

More information is available in the release notes for 2.7.102.8.8, and 2.9.2.

Posted in Moodle, Security Update | Leave a comment

Moodle 2.7.9, 2.8.7, and 2.9.1 Released

Moodle 2.7.9, 2.8.7, and 2.9.1 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released later. For those using a YouTube repository additional setup will be needed after upgrading to 2.8.7 or 2.9.1.

Update (July 13, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a possible cross-site scripting (XSS) vulnerability and an open redirect vulnerability.

More information is available in the release notes for 2.7.92.8.7, and 2.9.1.

Posted in Moodle, Security Update | Leave a comment

Moodle 2.6.11, 2.7.8, 2.8.6, and 2.9 Released; Support Ends For Moodle 2.6

Moodle 2.6.11, 2.7.8, 2.8.6, and 2.9 were released today. Version 2.9 introduces new features pages, user interface improvements, and more. Versions 2.7.8 and 2.8.6 include “small improvements”, bug fixes, and security fixes. Version 2.6.11 includes security fixes. Details of the security vulnerabilities fixed will be released later.

Update (May 18, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a serious cross-site scripting (XSS) vulnerability that can impact external applications that connect to Moodle.

Moodle 2.6.11 is the last release for the 2.6 branch and anyone running it should upgrade to a newer, supported, version.

More information is available in the release notes for 2.6.112.7.82.8.6, and 2.9.

 

Posted in End of Support, Moodle, Security Update | Leave a comment

Moodle 2.6.10, 2.7.7, and 2.8.5 Released

Moodle 2.6.10, 2.7.7, and 2.8.5 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released later. Moodle 2.6.9, 2.7.6, and 2.8.4 were pulled shortly after release due to a regression introduced in those versions.

Update (March 16, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a serious denial of service (DOS) vulnerability and a minor cross-site scripting (XSS) vulnerability.

More information is available in the release notes for 2.6.10, 2.7.7, and 2.8.5.

 

Posted in Moodle, Security Update | Leave a comment

Moodle 2.6.8, 2.7.5, and 2.8.3 Released

Moodle 2.6.8, 2.7.5, and 2.8.3 were released today.  The new versions include “small improvements”, bug fixes, and a fix for a “a very serious security vulnerability”. Details of the security vulnerabilities fixed will be released later.

Update (February 9, 2015): Moodle has now released information on the security issue fixed in the releases. The vulnerability fixed could have allowed viewing the content of “files located outside of moodle directory” due to incomplete filtering of directory traversal attempts.

More information is available in the release notes for 2.6.8, 2.7.5, and 2.8.3.

 

Posted in Moodle, Security Update | Leave a comment

Moodle 2.6.7, 2.7.4, and 2.8.2 Released

Moodle 2.6.7, 2.7.4, and 2.8.2 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released later.

Update (January 20, 2015): Moodle has now released information on the security issues fixed in the releases. . Among the vulnerabilities fixed is a serious cross-scripting (XSS) vulnerability in all three versions and a serious regular expression denial of service (ReDoS) vulnerability in all three versions.

More information is available in the release notes for 2.6.7, 2.7.4, and 2.8.2.

 

Posted in Moodle, Security Update | Leave a comment