Skip to main content

Moodle 4.4.6

Unsupported Moodle Version
This version of Moodle is no longer supported and will not receive fixes for security risks.
You are encouraged to upgrade to a supported version of Moodle.

Release date: 10 February 2025

Here is the full list of fixed issues in 4.4.6.

General fixes and improvements

  • MDL-82542 - Question bank: "Show questions from subcategories" no longer remembered as a user preference
  • MDL-82769 - Legacy random question filter conditions break random question on upgrade
  • MDL-66129 - Courses restored miss due/closing dates for several activity types in Calendar and other blocks
  • MDL-79121 - Admins should be prevented from defining a proxybypass value that is not valid
  • MDL-83493 - Form help icons do not close when clicking elsewhere
  • MDL-79819 - Tcpdf error: [image] unable to get the size of the image
  • MDL-81115 - Tag list does not load when switching categories in filter
  • MDL-79268 - Delete question version confirmation does not make it clear which version is being deleted
  • MDL-81195 - Weekly format does not handle daylight savings time - Spring and Fall
  • MDL-82237 - Quiz: "See questions" for Random question does not use all filters
  • MDL-82273 - Question bank: Newly created questions should be added to selected category
  • MDL-83746 - Custom menu item pointing to external site is highlighted as active by mistake
  • MDL-83794 - MathML and SVGs are stripped out by TinyMCE
  • MDL-83341 - Cannot edit file with access controlled link to MS OneDrive repo
  • MDL-77185 - PHP 8 error when disk_free_space function is disabled
  • MDL-78365 - UI of result chart in Choice is broken
  • MDL-84148 - Competency "Configure scales" dialog contains confusing action buttons
  • MDL-81841 - Action menu in the database preset displayed under the sticky footer
  • MDL-83005 - Doubled-up user tour content when using "Show with backdrop"
  • MDL-83832 - Links to the question history page may include the wrong (or no) category ID, leading to a blank page
  • MDL-81952 - Warning of missing property in export of multianswer questions
  • MDL-83668 - TinyMCE is more strict than Atto for onclick JavaScript action (Backport of MDL-80953)
  • MDL-84243 - Toggling activity done does not update the course index
  • MDL-83297 - Maxgradesperpage is not configurable
  • MDL-82772 - Column "questionscontextid" in mdl_question_set_references does not update when filter conditions are changed
  • MDL-83152 - In Glossary pending approval view, the "By last update" and "By creation date" sorting order UI elements do not react
  • MDL-83831 - Clicking "Reset columns" on the Question history page gives a confusing result
  • MDL-84129 - User search: Result fields incomplete when using custom alternativefullnameformat
  • MDL-84008 - Quiz questions layout makes it difficult to see which choices are grouped together
  • MDL-75075 - Quiz/Add questions from question bank: Clicking on Question Tags throws error
  • MDL-81685 - Matrix integration makes incorrect assumptions about user ID format
  • MDL-84264 - Encode and decode permalinks for the new course section page
  • MDL-84095 - RecordRTC displays an error notification if there is a failure while recording audio
  • MDL-84275 - Multi-factor TOTP plugin setup does not format site name properly
  • MDL-84323 - Remove endorsement from badge JSON
  • MDL-84214 - Default pre-uploaded presentation is shown to users, but not accessible
  • MDL-83995 - Imported glossary entries are treated as un-trusted
  • MDL-84152 - URLs generated by getExternalTestFileUrl() now contain double forward slash
  • MDL-84111 - Group drag and drop onto image question "Draggable items section" option fields together
  • MDL-82679 - Collapsible sections can conflict and trigger each other
  • MDL-83690 - Course index label links broken in plugins
  • MDL-83917 - get_course_progress_percentage function not performing well in courses with many modules
  • MDL-83183 - BigBlueButton activities are not sorted consistently on activity index
  • MDL-83940 - Comment element icons are broken/missized
  • MDL-82697 - Max sections limit error message does not show number of sections
  • MDL-83377 - Logout icon is shown in filepicker when searching server files
  • MDL-81478 - Audio recording has no file extension
  • MDL-83989 - Drag-drop upload area breaks if you drop a file outside any filemanager
  • MDL-80468 - MFA factor subplugins unable to properly define admin_externalpage links
  • MDL-83617 - Changing the number of grades per page in grader report does not redirect to a valid URL
  • MDL-83635 - Brickfield's img_alt_is_too_long check can fail for multibyte alt texts
  • MDL-83988 - Remove git diffs for JavaScript maps, minified JavaScript, and similar
  • MDL-83593 - No homepage link available on smaller devices
  • MDL-75750 - Login border-radius not rounded on narrow screens

Accessibility improvements

  • MDL-63802 - Add consistency in all aria-labels in the Classic theme navbar
  • MDL-67683 - WCAG Best practice: Main landmark must not be contained in another landmark
  • MDL-83809 - Modal focus lock does not quite follow WAI/ARIA pattern

Security fixes

  • MSA-25-0001 - Arbitrary file read risk through pdfTeX
  • MSA-25-0002 - Feedback response viewing and deletions did not respect Separate Groups mode
  • MSA-25-0003 - Non-searchable tags can still be discovered on the tag search page and in the tags block
  • MSA-25-0004 - Stored XSS in ddimageortext question type
  • MSA-25-0005 - Stored XSS risk in admin live log
  • MSA-25-0006 - Reflected XSS via question bank filter
  • MSA-25-0007 - Upgrade RequireJS including security fix (upstream)
  • MSA-25-0008 - IDOR in badges allows disabling of arbitrary badges
  • MSA-25-0009 - Teachers can evade trusttext config when restoring glossary entries
  • MSA-25-0010 - SQL injection risk in course search module list filter