Hi, This is a copy of an email sent out to all registered Admins from Michael de Raadt (Development Manager, Moodle HQ). It lists all the latest versions of Moodle that have Security fixes in them. === start of main part of email ===
I'm writing today to let you know that Moodle 2.5.1, 2.4.5, 2.3.8 and 2.2.11 are available via the usual open download channels (http://download.moodle.org or Git).
Note that 2.2.11 is the final release in the 2.2 branch and that the 2.3 branch is now supported for security fixes only.
The full release notes are here:
http://docs.moodle.org/dev/Moodle_2.5.1_release_notes
http://docs.moodle.org/dev/Moodle_2.4.5_release_notes
http://docs.moodle.org/dev/Moodle_2.3.8_release_notes
http://docs.moodle.org/dev/Moodle_2.2.11_release_notes
SECURITY ISSUES As well as a long list of bug fixes, performance improvements and polishing, there are 7 security issues you should be aware of.
Details of these security issues are listed below. As a registered Moodle admin we are giving you advance notice of these issues so you have some time to fix them before we publish them more widely on http://moodle.org/security in one week.
To avoid leaving your site vulnerable we highly recommend you upgrade your sites to the latest Moodle version as soon as you can. If you cannot upgrade, then please check the following list carefully and patch your own system or switch off those features.
Thanks, as always, to EVERYONE involved in reporting and fixing security issues.
It really is a team effort and one with more and more people involved all the time.
Cheers and thanks for using Moodle!
Michael de Raadt
Development Manager, Moodle HQ