Moodle 4.4.3

Release date: 2 September 2024

Here is the full list of fixed issues in 4.4.3.

General fixes and improvements

• MDL-69684 - It is possible to hold a Redis session lock forever
• MDL-82502 - Course edit menu issues when manageactivities is unset
• MDL-82455 - Direct link from the Badges report the list of recipients has been lost
• MDL-82724 - TinyMCE adding quicktoolbar function throws error when quicktoolbar is disabled
• MDL-79215 - Calling graphlib->draw_brush results in un-rendered image and error message
• MDL-82668 - Improve .phpstorm.meta.php
• MDL-82802 - XMLDB editor cannot retrofit MySQL tables containing numbers
• MDL-64675 - Confusing restrictions on page breaks in feedback activity
• MDL-82718 - Cannot edit broken image in TinyMCE
• MDL-82790 - Remove filter_tidy
• MDL-82747 - Moodle class autoloader does not include composer autoload.files files
• MDL-82446 - The repository file picker content is misaligned/badly styled
• MDL-82214 - Some admin settings reset to empty when read-only and the page it is on is saved
• MDL-78785 - Accessibility colour contrast check not correctly processing RGB values
• MDL-82882 - Quiz attempt_summary_information should have ways to add new items at a specified position
• MDL-82810 - Question action menu can get truncated in some layouts
• MDL-82695 - Cloze questions where all subquestions have zero weight cause division by zero errors with interactive behaviour

Security fixes

• MSA-24-0042 - Unprotected access to sensitive information via dynamic tables.
  Note: Please check the announcement for further details about required coding changes for any third party Moodle code implementing dynamic tables.
• MSA-24-0043 - IDOR when deleting OAuth2 linked accounts
• MSA-24-0044 - Lesson activity password bypass through PHP loose comparison