ILIAS 5.3.12 is now available. This release fix security issues and bugs.
ILIAS 5.3.12 Changelog
Fixed Bugs
The following bugs reported in Mantis have been resolved:
- #10937: [Language Handling] Session language variable missing
- #23504: [Calendar] Calendar File Export: Download of calendar files results in blank page (BackgroundTask / UserInteraction)
- #23516: [File] Background download broken in course “Manage” tab
- #23536: [Portfolio] error occurred on portfolio page with competences
- #23596: [File] File versioning: “Make this the current version” does not work properly (Missing test case?)
- #23639: [Data Collection] Detailed view of a first table with a reference-placeholder does not show the entry of the second table
- #23672: [Plugin Slots] Lang var not shown on Settings screen of repository plugin (but exists in lang file)
- #23696: [ILIAS Page Editor] Externer Link: Wenn http zuvor nicht gelöscht wurde verschwinden Buchstaben im Befehl
- #23703: [Data Collection] Meaning of “Reset Filter” in Data Collection
- #23716: [Competence Management] course > competences > members: some controls lead to wrong screens – view not usable
- #23718: [Competence Management] wrong learning recommendation message “you need to improve the competence” is wrongly shown for some comptences
- #23726: [Learning Module ILIAS : Editor] Eigene Reiter von Lernmodulen werden beim Kopieren in optes nicht mit übernommen
- #23774: [Background Tasks] BackgroundTask not Executed for Asynchronous Setup
- #24224: [Mail] Nimmt man den Benutzern das Recht weg, das interne Mailsystem zu benutzen,bekommen die Benutzer keine Mail der Kurse zugestellt
- #24383: [_Other] Commit d049b3916f831b8383b7d3c71a2df30d262050b4 is not PHP5.6 compatible and breaks ILIAS
- #24384: [Mail] Mail erstellen mit php 5.6 nicht möglich
- #24387: [Login, Auth & Registration] “Invalid value for $clientId” after update
- #24438: [Language Handling] Fehler in Sprachdatei
- #24507: [Setup] PHP-Error in Hotfix 26 from setup/sql/5_3_hotfixes.php
Fixed Security Issues
- XSS in class.assClozeTestGUI::getAggregatedAnswersView (Corrections / Nachkorrektur) (Researcher: Felix Pahlow)
- Verwundbarkeit über manipulierbare client_id (Researcher: Bernhard Liebl)
Tags: Educational, ILIAS, Softaculous