Dear all,
We are very happy to announce that the first stable release of our new
ILIAS version 6 has been published today. You find release 6.0 at
https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v6.0
<https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v6.0>
Thanks to all developers, funding partners and supporters for their
contributions and support. Over 100 new or extended features have been
implemented – and some have also been removed. Have a look at the
release page of ILIAS 6 to get an impression of what has changed:
https://docu.ilias.de/goto_docu_wiki_wpage_5457_1357.html
ILIAS 6 comes also with a revised page layout. If you have customised
the layout of your ILIAS installation you have to adapt it to the new look.
And don’t miss the list of required software for ILIAS 6 to be sure that
this new ILIAS version is running properly on your server:
https://docu.ilias.de/goto_docu_wiki_wpage_5724_1357.html
Kind regards
Fabian Wolf
Dear list,
the "show me in the who-is-online tool" user configuration has been
changed to an "opt-in" due to bug https://mantis.ilias.de/view.php?id=28070
A default setting has been added to the user administration accordingly.
For details, see https://mantis.ilias.de/view.php?id=28070#c67443
The change has been made in all major branches (5.3, 5.4, 6.0, trunk).
Best regards
Alex
--
LEIFOS GmbH
Alexander Killing
Wilhelmstr. 56-58, 50733 Köln
Tel: +49.221.12071890
killing(a)leifos.com
Gesellschaft mit beschränkter Haftung
Sitz der Gesellschaft: Köln
Eingetragen beim Handelsregister Amtsgericht Köln (HRB 63686)
Geschäftsführer: Alexander Killing, Stefan Meyer, Alexandra Tödt
Dear list,
tl/dr: Todays releases will escape HTML/JS "inactive" in all page editor
contexts per default. If you trust your authors/users you may reactivate
this under "Administration > Editing > ILIAS Page Editor".
Long version:
To a certain extent ILIAS allows to included HTML/JS content in page
editor content, e.g. in learning modules. This was a desired feature in
the early days of ILIAS and enabled authors to extend the features of
the standard editor.
In the context of wikis, this has been deactivated since the beginning
(HTML is escaped in a way it is not interpreted by browsers), for other
parts like blogs and portfolios it is possible to configure this behaviour.
Even if the page editor can log every change in its "page history",
there has been an ongoing discussion between the trade-off of
flexibility and security (possible XSS attacks), see e.g.
https://docu.ilias.de/goto_docu_wiki_wpage_5406_1357.html
Since not everyone is aware of the implications and since this has been
reported as a security issue multiple times now, all page editor
contexts will escape HTML in a way it is not interpreted by browsers
anymore. "Administration > Editing > ILIAS Page Editor" has been
extended to allow the configuration for each context individually.
Please note: This is only related to page editor content. HTML Learning
modules and uploaded SCORM packages always allow to upload HTML and
Javascript content. Do not give permission to create these resources to
users you do not trust. Use the RBAC to set permissions accordingly or
deactivate these components completely.
Best regards
Alexander Killing
Dear all,
We have published security release 5.3.20 and 5.4.10 on GitHub, see
https://github.com/ILIAS-eLearning/ILIAS/releases .
*Important**:* These releases contain important security fixes and it is
recommended to update your system.
Please have a look at the release notes for more information about these
releases https://docu.ilias.de/goto_docu_lm_35.html .
Best regards,
Fabian Wolf
Dear administrators,
I just merged this PR [1] that makes the setup from the command line
happen. You'll find more details about how this is supposed to work in
the README [2] for the CLI based setup.
I kindly ask for your help in testing that program. I'm only a single
developer with his developer requirements, but you people will
(hopefully) use that program as well. Does it work on you machine? In
your scenario? For your configuration? I also only own a limited number
of ILIAS installations I can run the update on. Please check (in a safe
testing environment, of course) if your existing installations can be
updated with the program. Does it stop somewhere? Is there something
unexpected happening? Does it break your installation?
I'm looking forward to your reports in our issue tracker [3]. Please
make sure you describe your scenario and your problem in some detail,
the innards of the setup can be delicate and hard to fix at times and
any information will help.
Please be aware that this is (hopefully) only the beginning of that
program. If you want to participate in the further development of the
setup in the next release, please reach out to me, I would be glad to
get more contributors.
If you have any feedback or questions, feel free to contact me as well.
Best regards!
[1] https://github.com/ILIAS-eLearning/ILIAS/pull/2313
[2] https://github.com/ILIAS-eLearning/ILIAS/blob/trunk/setup/README.md
[3] https://mantis.ilias.de
--
Richard Klees
Lead Developer Qualifizierungsmanagement
---------------------------------------------
CaT Concepts and Training GmbH
Vorgebirgstraße 338
50969 Köln
Fon: +49 (0)221 / 46 75 76 - 56
Fax: +49 (0)221 / 46 75 76 - 09
Mail: richard.klees(a)concepts-and-training.de
Web: http://www.concepts-and-training.de
---------------------------------------------
Geschäftsführung:
Sven Kapust, Gerald Konrad, Alexandra Oehlke,
Sandra Röbbelen, Volker Röbbelen, Denis Witt
Amtsgericht Köln HRB 57804
Ust-ID-Nr.: DE 814694228
Sitz: Köln
---------------------------------------------
