Download & Releases
7.26 (stable)
General Information
Release 7.26 has been published on October 23, 2023
- Please read the ILIAS 7 feature page for information about new and abandoned features and changed behaviour of this version.
- You find information about first time installation of ILIAS 7 and updating here.
- Please also have a look at the Required Software for ILIAS 7 page.
If you use a customized skin/style, please change the skin settings for root user and default of installation to ‘delos‘ before upgrading to ILIAS 7. Otherwise you may not login any more due to templates changes in former versions.
The storing of files will be changed and improved with ILIAS 7. All files need to be migrated to the new structure. More information is available in the installation instruction.
ILIAS is free, open source software and published under the GNU General Public License (GPL), version 3.0 → Licence
Download
ILIAS-7.26.zip
Download (github.com)223 MB, 2023-10-23md5: 4d718550cf5798904511734420a139d5
ILIAS-7.26.tar.gz
Download (github.com)202 MB, 2023-10-23md5: 397952472c5383e5968a85870f494102
Important Changes
- ILIAS Page Editor
- With Release 7, the ILIAS page editor was fundamentally revised. As part of the page editor, the content style was also adjusted and redundant text and block formats removed. You can see the list of removed paragraphs here:
- When updating to ILIAS 7, please bear in mind that the changes in the content style will affect your existing content. To prevent this, you can export the content style before an update OR download the ILIAS 6 Default Content Style from the following link:
- Setup
- With ILIAS 7 the GUI for the Setup has been abandoned. Installing and updating ILIAS is now handled by a command line implementation of the setup. The features for maintenance mode and multi-clients have been removed completely as discussed in the context of the Setup Revision. For more information about the new Setup please have a look into the detailed documentation of the setup in the file
setup/README.mdor take a look into the ILIAS installation instructions atdocs/configuration/install.md.
- With ILIAS 7 the GUI for the Setup has been abandoned. Installing and updating ILIAS is now handled by a command line implementation of the setup. The features for maintenance mode and multi-clients have been removed completely as discussed in the context of the Setup Revision. For more information about the new Setup please have a look into the detailed documentation of the setup in the file
- Migration of files
- In addition to the new setup via CLI, since version 7 ILIAS also requires that so-called migrations are carried out after an update. With ILIAS 7, such a migration is, for example, that files are migrated from the file object into the new resource storage service. These migrations can already be started after the update in live mode. To do this, run
# php setup/cli.php migratein the CLI for more information.
- In addition to the new setup via CLI, since version 7 ILIAS also requires that so-called migrations are carried out after an update. With ILIAS 7, such a migration is, for example, that files are migrated from the file object into the new resource storage service. These migrations can already be started after the update in live mode. To do this, run
- Workflow Engine
- Due to low demand and security issues, we removed the workflow engine with 7.23 and 8.3
- OpenIDConnect
- We switched the implementation from the "Implicit Flow" (e.g. because of https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#name-attacks-on-the-implicit-flo) to the "Authorization Code Flow".
Known Issues
- none
Changed Behaviour
- Plugins must appear in the PHP class map with this release. Patches that excluded the plugin directory in composer.json should be removed. Commit
Security Fixes
#38226: [Exercise] Exercise: Local File Inclusion/Rename (CVE-2023-45868) (Rene Rehme, rehme.infosec)
#28626: [General] Prevent some alternative php-suffixes from upload and unzipping
#37930: [Media Pools and Media Objects] Remote code execution via zip upload (Armin Stock)
#38225: [SCORM Online Editor] SCORM Export: Local File Inclusion (CVE-2023-45867) (Rene Rehme, rehme.infosec)
#38075: [PDF] PDF Generation: OS Command Injection Vulnerability (CVE-2023-45869) (Rene Rehme, rehme.infosec)
#38188: [Test & Assessment] Editing taxonomies is possible on a question pool that is online, but to which the user has only read and/or view access
#37995: [RBAC] RBAC: Fix permission check to add users to the admin role in role settings when admin role is protected
#32836: [General] Reauthentication required to Change E-Mail (Julien Richard, BCK Security Inc.)
Fixed Issues
The following issues reported in Mantis have been resolved:
#21666: [Calendar] Date-/Timepicker (tschmitz)
#31342: [Calendar] iCal URL - appointments are not displayed in Google Calendar (smeyer)
#36953: [Category and Repository] SOAP function copyObject does not return a ReferenceID when copying a course object. (akill)
#37966: [Competence Management] Competence References should be deleted when a Competence Template is deleted (tfamula)
#38011: [Course Management] Course members are displayed as "inactive" either if there are active in user management (tschmitz)
#31181: [Data Collection] Improve labels for DC > Tables > New field (German) (mkunkel)
#32383: [Favourites] Category, course and group links can seemingly be saved as Favourites, but it doesn’t work (properly) (tschmitz)
#38308: [File] Whoops when trying to download all files from exercise (fschmid)
#29658: [Group] Failed test: Anmeldeantrag zulassen/ablehnen | Formatierungsfehler Spaltenbezeichnung (Deutsch) (Join Requests) (tschmitz)
#36392: [Info Page] Object creation date and the Owner name are presented to users without Edit-Settings-Permission (akill)
#38165: [Item Groups] Folder created in item groups produce error und are not part of the item group (akill)
#37996: [Language Handling] Language: git merge text in german language file (skergomard)
#37842: [Login, Auth & Registration] OIDC logout is broken (mjansen)
#30080: [LTI] LTI consumer object copy -> no provider set & broken language variable: -lti_provider_not_set_msg- (ukohnle)
#34323: [LTI] Information about plattform ID is wrong (ukohnle)
#37999: [Mail] Whoops wenn User auf Mailsystem zugreifen möchte (mjansen)
#28817: [Media Pools and Media Objects] Content Snippet are not included in search (smeyer)
#33754: [Metadata + ADT] Problem when creating a new advanced metadata field in wiki (smeyer)
#36715: [News] news icon is not displayed (akill)
#32267: [Personal Profile] Save Button (Communication) still exists without formular (skergomard)
#34145: [Personal Profile] Two Save buttons without function in Profile visibility (skergomard)
#38023: [Personal Profile] User can not login due relogin message (skergomard)
#38074: [Personal Profile] error message after click on "Profil und Datenschutz" (skergomard)
#38283: [Personal Profile] Profile and Privacy > Visibility (skergomard)
#28368: [RBAC] Permissions of plugins not properly presented in 'Permissions of User' (skergomard)
#27063: [Session (Course & Group)] Sessions in resource lists cannot be sorted (tschmitz)
#33852: [Statistics and Learning Progress] Details screen of LP in courses can't be opened (smeyer)
#35745: [Statistics and Learning Progress] Failed test: Spalten in "Matrixansicht" auswählen und sortieren (smeyer)
#35563: [Task Service] missing "Task" Icon (akill)
#36184: [Test & Assessment] Freitextfrage: Editor löscht Absätze, und Formatierungen (skergomard)
#36382: [Test & Assessment] Wrong handling of curly and (especially) square brackets in cloze question with text or select gaps (skergomard)
#36734: [Test & Assessment] Fragetyp "Fehler/Worte markieren" formt < und & und > um (jcop)
#36790: [Test & Assessment] New questions are placed at the end of the test when question page is called before question is actually created (skergomard)
#37679: [Test & Assessment] Text Subset Question: Input between Curly Braces Gets Lost (skergomard)
#37817: [Test & Assessment] Ordering Question (vertical): Trying to upload image in 'Answer Picture' mode goes completely haywire (fhelfer)
#37948: [Test & Assessment] The Field for Redirection-URIs After Finalizing a Test is Silently Cut and Only 128 Chars Long (skergomard)
#38032: [Test & Assessment] Freitextfrage: Live-Zeichenzählung im Bearbeitungsmodus (und Fragenvorschau) defekt (fhelfer)
#38045: [Test & Assessment] Umlaute/mutated vowels ö,ä,ü in Lückentexten/gaps (skergomard)
#38169: [Test & Assessment] Page selection in test's 'History' does not work (maxbecker)
#38235: [Test & Assessment] Import test with random questions gives write right in repository (skergomard)
#29637: [User Service] Probleme mit Datum bei befristetem Zugang (skergomard)
#30816: [User Service] User Management: Last Login Before filter does not work properly (skergomard)
#38087: [User Service] Inaktive Benutzer in allen Kursen nach Update auf Version 7.25 (skergomard)
#38029: [Weblink] Some external links can't be changed (tschmitz)
#37913: [Wiki] setup update step #5750 fails: wiki_user_html_export - unknown column 1 in where clause (akill)
#38164: [Wiki] Database quotation change in $ilDB->update() broke db updatestep #5750 (akill)
#37922: [¥ Object] Error while creating Folder directly in Item Group (skergomard)
#38198: [¥ Object] Error in role assignment table with roles from an uninstalled plugin (skergomard)
#37959: [¥ UI Components / KS] File Input cannot upload larger because of a default timeout (fschmid)