diff --git a/general/releases/4.1/4.1.14.md b/general/releases/4.1/4.1.14.md index 44d4175a1..0f9fcfb69 100644 --- a/general/releases/4.1/4.1.14.md +++ b/general/releases/4.1/4.1.14.md @@ -21,5 +21,9 @@ import { ReleaseNoteIntro } from '@site/src/components/ReleaseInformation'; ## Security fixes - -A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version. + +- [MSA-24-0045](https://moodle.org/mod/forum/discuss.php?d=462874) - Users' names returned in messaging error message +- [MSA-24-0046](https://moodle.org/mod/forum/discuss.php?d=462876) - IDOR in edit/delete RSS feed +- [MSA-24-0047](https://moodle.org/mod/forum/discuss.php?d=462877) - Some users can delete audiences of other reports +- [MSA-24-0050](https://moodle.org/mod/forum/discuss.php?d=462880) - IDOR when fetching report schedules + diff --git a/general/releases/4.2/4.2.11.md b/general/releases/4.2/4.2.11.md index c89ffc1a0..2cca62e12 100644 --- a/general/releases/4.2/4.2.11.md +++ b/general/releases/4.2/4.2.11.md @@ -13,5 +13,9 @@ import { ReleaseNoteIntro } from '@site/src/components/ReleaseInformation'; ## Security fixes - -A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version. + +- [MSA-24-0045](https://moodle.org/mod/forum/discuss.php?d=462874) - Users' names returned in messaging error message +- [MSA-24-0046](https://moodle.org/mod/forum/discuss.php?d=462876) - IDOR in edit/delete RSS feed +- [MSA-24-0047](https://moodle.org/mod/forum/discuss.php?d=462877) - Some users can delete audiences of other reports +- [MSA-24-0050](https://moodle.org/mod/forum/discuss.php?d=462880) - IDOR when fetching report schedules + diff --git a/general/releases/4.3/4.3.8.md b/general/releases/4.3/4.3.8.md index 7efa96ba1..8ab3cbeaa 100644 --- a/general/releases/4.3/4.3.8.md +++ b/general/releases/4.3/4.3.8.md @@ -55,5 +55,9 @@ import { ReleaseNoteIntro } from '@site/src/components/ReleaseInformation'; ## Security fixes - -A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version. + +- [MSA-24-0045](https://moodle.org/mod/forum/discuss.php?d=462874) - Users' names returned in messaging error message +- [MSA-24-0046](https://moodle.org/mod/forum/discuss.php?d=462876) - IDOR in edit/delete RSS feed +- [MSA-24-0047](https://moodle.org/mod/forum/discuss.php?d=462877) - Some users can delete audiences of other reports +- [MSA-24-0050](https://moodle.org/mod/forum/discuss.php?d=462880) - IDOR when fetching report schedules + diff --git a/general/releases/4.4/4.4.4.md b/general/releases/4.4/4.4.4.md index f4b6c5d53..35b00cc03 100644 --- a/general/releases/4.4/4.4.4.md +++ b/general/releases/4.4/4.4.4.md @@ -58,5 +58,11 @@ import { ReleaseNoteIntro } from '@site/src/components/ReleaseInformation'; ## Security fixes - -A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version. + +- [MSA-24-0045](https://moodle.org/mod/forum/discuss.php?d=462874) - Users' names returned in messaging error message +- [MSA-24-0046](https://moodle.org/mod/forum/discuss.php?d=462876) - IDOR in edit/delete RSS feed +- [MSA-24-0047](https://moodle.org/mod/forum/discuss.php?d=462877) - Some users can delete audiences of other reports +- [MSA-24-0048](https://moodle.org/mod/forum/discuss.php?d=462878) - IDOR when accessing list of course badges +- [MSA-24-0049](https://moodle.org/mod/forum/discuss.php?d=462879) - IDOR when accessing list of badge recipients +- [MSA-24-0050](https://moodle.org/mod/forum/discuss.php?d=462880) - IDOR when fetching report schedules +