Service Pack 9 included the following updates.
Common Cartridge 1.2
Common Cartridge allows a user to package a course in a reusable manner for use across multiple learning management systems. Common Cartridge 1.2 includes the following enhancements:
This new option now allows inclusion of alignment to Standards within the Common Cartridge package. In this context the “Standard” is a globally unique identifier (GUID) that links to the standard description. It is up to the installer to connect to the actual standard’s description as determined by the provider. Though the specification supports any provider, we are limiting links to Academic Benchmark standards.
Web content can now be marked as an assignment, and assignment is now supported both in export and import.
Rubrics now include Percentage Range along with Points Range. The Percentage Range option allows a single rubric to work with any assignment as the achievement scores are calculated as a percentage of the item being graded. This update to Rubrics makes them more flexible and able to support any type of graded item.
The Administrator Console is a diagnostic and troubleshooting tool for Administrators of the Blackboard Learn application. It is delivered as a Building Block bundled in this release. Its purpose is to make troubleshooting activities easier to initiate from the user interface, either for an Administrator starting a self‐diagnosis, or for working an issue in conjunction with the Blackboard Support team.
In keeping with Blackboard’s commitment to deliver Blackboard Learn on the most secure and stable technology stack, Service Pack 9 provides a patched version of the Tomcat application container, which runs the Blackboard Learn application. Service Pack 9 patches are delivered for Tomcat with code from Tomcat v6.0.35. This patch fixes a security vulnerability identified in February 2012 which allowed a Denial of Service attack.
Security and Privacy Updates
Service Pack 9 includes two security‐fixes and a privacy‐centric feature: cross site request forgery prevention, link injection protection, and the Blackboard Security Management Cookie Disclosure Building Block.
Cross Site Request Forgery Prevention & Link Injection Protection
This Service Pack is focused around CSRF fixes for the most critical areas of the application. These patches prevent the insertion of malicious code or scripts throughout the Blackboard Learn platform.
Security Management Cookie Disclosure
The Blackboard Security Management Cookie Disclosure Building Block is intended to support the European Union Privacy Data Directive and laws implemented in the United Kingdom and other member states related to this directive. Specifically, this Building Block implements features that require users to provide consent prior to data collection and provides information to end users about the nature and extent of data collection within Blackboard Learn software and services.