Mahara 1.0.14
Milestone information
- Project:
- Mahara
- Series:
- 1.0
- Version:
- 1.0.14
- Released:
- Registrant:
- François Marier
- Release registered:
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- 2 Evan Goldenberg
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- 2 Fix Released
Download files for this release
Release notes
Mahara 1.0.14 Release Notes
This is a stable release of Mahara 1.0. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:
https:/
This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.
Changes from 1.0.13:
* Security fixes to bundled copy of smarty (CVE-2008-4810, CVE-2008-4811 and CVE-2009-1669)
* Fix for SQL injection in MNET usernames (CVE-2010-0400)
Changelog
View the full changelog
0 blueprints and 2 bugs targeted
| Bug report | Importance | Assignee | Status | |||
|---|---|---|---|---|---|---|
| 534172 | #534172 | get_new_username() does not escape string used in SQL call | 2 Critical | Evan Goldenberg | 10 Fix Released | |
| 491129 | #491129 | Smarty version in Mahara 1.0 and 1.1 has security vulnerabilities | 1 Undecided | Evan Goldenberg | 10 Fix Released | |
