Skip to main content

Moodle 4.0.3

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 22 August 2022

Here is the full list of fixed issues in 4.0.3.

General fixes and improvements

  • MDL-62959 - Changing a course event to a user event results in an error
  • MDL-74947 - As Admin, when creating an external tool (LTI), "Shared secret" is truncated at < character
  • MDL-69251 - LTI enrol method wrongly unenrols users due to bad task internal state
  • MDL-68843 - LTI Tools don't get deleted when linked activity module is deleted from course
  • MDL-74681 - Reads directly after writes to a table are stale when using read replicas if the update takes too long
  • MDL-75386 - Editor stylesheets does not include stylesheets for subplugins
  • MDL-75083 - Login form double submission leads to invalid login
  • MDL-74768 - Change category for a question in bank affects quizzes using random questions
  • MDL-74492 - Atto editor wrongfully creates UL tags inside SVG
  • MDL-75205 - Resetting report filters need to include original parameters
  • MDL-75181 - Exception when both completion setting "student view" and custom settings are enabled
  • MDL-73215 - Undefined variable error when online text assignment submission deleted
  • MDL-74784 - Related system badges causing badge rendering issue
  • MDL-75185 - Custom report sources selection is not ordered consistently
  • MDL-74826 - Add new "Disabled feature" within Mobile app settings for the new Reports option introduced in 4.0
  • MDL-74282 - Outcomes report should not be available if outcomes are disabled
  • MDL-74964 - Page enrol/index.php should not have secondary navigation
  • MDL-74595 - Cannot navigate back to the main calendar page from import/export calendars page
  • MDL-72430 - Editing events results in changing the type of event and removing the Course option
  • MDL-56923 - Assignment, Add new criterion icon should be aligned to the right, in RTL mode (theme:boost)

Accessibility improvements

  • MDL-74740 - Skip links not showing up on blocks drawer
  • MDL-74800 - HTML validator errors on course homepage

Security improvements

  • MDL-75237 - Alternate implementation of MSA-22-0016 applied to fix a regression (Note: There was no new security risk addressed, however MDL-75237 still has access restricted to avoid revealing details of the original vulnerability)

Security fixes

  • MSA-22-0021 - Upgrade Mustache to latest version (upstream)
  • MSA-22-0022 - CSRF risk in enabling/disabling installed H5P libraries
  • MSA-22-0027 - Quiz sequential navigation bypass using web services