- Better error message for when the player is accessed with an expired launch token
- Allow multiple environment variable tokens in a configuration setting value
- Removed extra copy of BouncyCastle jars in release
- Fixed potential SQL injection vulnerability in xAPI code. We suspect it would have been difficult to exploit due to validating code before the vulnerable code, but have not proved it couldn't have been exploited.
- Fixed bug when launching courses with special characters in the course folder name (often based on the course title)
- Add option to transform some tables in the upgrade with CREATE TABLE AS statements.
- Added rule to populate the update_dt_utc column when it is created based on values in update_dt during the upgrade process