Released 2025-09-03
Bug Fixes
- Resolves startup failure when using an environment variable for an encryption setting.
- [Java] - Additional fixes for updating course asset files stored on AWS S3.
- [LTI 1.3] - Removed unnecessary validation of the subject identifier claim from tool-originating LtiDeepLinkingResponse messages.
- [Upgrade] - Fixes potential row count processing logging and avoids additional unnecessary processing when using the SkippedPhases setting.
- [Upgrade] - Installations that ran Engine 23 versions prior to v23.8.108 will now be able to to upgrade to Engine 24.
- [Upgrade] - During phase 3 of a phased upgrade, avoid miscounting the number of "actual" versus "ideal" indexes during the "Schema Audit" sub-phase.
Improvements
- Obfuscate registration_usage_id in the UsageStatistics DB table when PII deletion job is started.
- Subscription authentication requests now have "additionalProperties" to hold nonstandard values.
- [Media] - Introduces the MediaContentStatementMode setting to provide the option to reduce the quantity of xAPI statements generated from media content.
[Java] - updated bouncycastle libraries to resolve unconstrained resource usage vulnerability CVE-2025-8916.