Moodle LMS 4.0.7
14 March 2023
Moodle LMS version 4.0.7 is now available (security release).
Upgrading to Moodle LMS 4.0.7
Moodle LMS 4.0.7 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Moodle LMS updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Moodle LMS install to test the 4.0.7 upgrade prior to applying it live. Get started managing your Moodle LMS installations with Installatron
What's New in Moodle LMS 4.0.7
General fixes and improvements
- MDL-69690 - Require Assessment Grade for Workshop Activity Completion Blocked
- MDL-66221 - Deleted activities cannot be restored from recycle bin when backup_auto_activities setting is disabled
- MDL-70586 - Feedback: the preview icon shouldn't be displayed for students
- MDL-74756 - Previous activity with completion not working if activity completion is disabled
- MDL-76525 - mod_data: Missing validation of image width and height
- MDL-76947 - Dropdown menus are narrower and unnecessarily wrap
- MDL-73847 - LTI 1.3: Keyset fetch does not use the HTTP proxy
- MDL-75719 - Wrong completion status for hidden grade items
- MDL-77003 - Template string helper does not render complex language strings
- MDL-58945 - Showing rendered question text can break JS: disable filtering on quiz edit page and make optional in the question bank
- MDL-74905 - Decide Moodle 4.2 requirements and push them to environment.xml (due date: 2022-12-26)
- MDL-74698 - Course backups from versions earlier than 3.11.7 lose format options on restore
- MDL-77014 - Single activity course format should support multilang course titles
- MDL-75012 - Bump nodejs from lts/gallium to stable (>=v18.x.x, now lts/hydrogen)
- MDL-77230 - The preview of questions for feedback is still possible via WebServices
- MDL-77322 - Authenticate token requests via HTTP headers cannot be turned off
- MDL-76314 - Add missing form validation when combining single discussion and separate group
- MDL-77057 - Module override forms are not correctly formatting group names
- MDL-77210 - Quiz 'Try another question like this one' breaks regrading
- MDL-76904 - Question bank: Question highlight is missing after we go back and forth between pages
- MDL-76298 - Drag drop questions don't validate that drop zones have been defined (causing division by zero errors in the statistics)
- MDL-77241 - Javascript console errors opening section/activity menus when editing course
- MDL-76878 - Prohibiting editownprofile capability breaks functionality of blocks/content bank
- MDL-63608 - Access order when manually grading quizzes
- MDL-76948 - Description of submission_unlocked event says "locked" instead of "unlocked"
- MDL-76066 - Deleting a field when applying a preset doesn't raise 'field deleted' event
- MDL-76602 - Cannot add LTI 1.3 LTI service without modifying locallib
- MDL-77024 - Quiz editing log events have the wrong edulevel
- MDL-77018 - Error loading question bank statistics if the context no longer exists
- MDL-77365 - Inaccurate word count
Accessibility improvements
- MDL-76672 - block_myoverview: aria-label attribute is not well supported on a div without role attribute
- MDL-77052 - block_recentlyaccesseditems: Element with role="list" must have children with role="listitem"
- MDL-77318 - core / user_menu: aria-label attribute is not well supported on a div without role attribute
- MDL-76313 - improve accessibility on subscribers page
Security improvements
- MDL-76478 - Browsers auto-completing the user's password into inappropriate password unmask form fields
- MDL-76370 - Public / private paths security report is inaccurate when using HTTP proxy
- MDL-75454 - sesskey included in URL in cache administration adding and editing stores
Security fixes
- A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.