Forums | Mahara Community
News
/
Security maintenance releases 24.04.5 and 23.04.9
07 October 2024, 16:16
Hello,
We'd like to announce the release of the latest maintenance releases for Mahara 24.04 and 23.04. This is a security release. We recommend you update to this release in the series of Mahara you are using as quickly as possible due to the high to critical nature of the security issues that we have fixed. Whether your site is affected depends on the functionality you have enabled on your site. A list of fixes is available on the 'Releases' page, accessible to subscribers.
We would like to thank the people who made responsible disclosures of these security issues to us.
Subscribers have two options for accessing the latest code.
Via Git
- 24.04.5 Git branch
- 23.04.9 Git branch - final release for Mahara 23.04
As downloadable package
The changes are also available on theĀ 'Releases' page as downloadable packages under the heading 'Mahara download files...' in each respective release, which also includes a list of issues linked to their descriptions that have been fixed:
If you use the download files, make sure not to download a file called 'source code'. You want to download the files that have the compiled code as only that will come with all necessary libraries and stylesheet information.
If you use a download package for Mahara 23.04.9, please make sure you select the correct one. There are different files for use on PHP 7.4 and PHP 8.1, and if you use Redis as session handler.
Update information
Please see the wiki for information on updating Mahara, based on the method you use, either via the code repository (Git) or the downloadable package.
As subscriber, we recommend you update your instance of Mahara to the latest maintenance release of the series of Mahara you are using, or if you are on an unsupported version of Mahara, upgrade to a supported one. This is the final release for Mahara 23.04.
Thank you
The Mahara team at Catalyst
07 October 2024, 18:34
Hello,
We've discovered that a site that uses MariaDB may have a problem being upgraded. We have a patch in testing and will be releasing the final fix tomorrow.
Apologies for not having found that during our final release testing
Kristina
07 October 2024, 20:31
The update issue with MariaDB would only apply to Mahara 24.04. 23.04.9 does not have that problem.
08 October 2024, 14:53
Hello everyone,
Mahara 24.04.6 is now available for access via Git or as download package (use a file under the heading 'Mahara download files - PHP8.1'). There are two fixes included:
- Fix for the upgrade when using MariaDB as database
- Fix for the default Mahara logo in the 'Customisable theme' to change colour again based on the background colour selected (either a dark or light logo)
I'm very sorry that we did not notice the MariaDB issue during our pre-release testing. Both issues are not present in Mahara 23.04, hence only the 24.04 update.
Thank you
Kristina