LoginSign Up
← Back to all sparks
I

ILIAS

EDTECH
Velocity5.0

Open source learning management system used by universities, schools, and training organizations.

www.ilias.de

ILIAS ships coordinated security maintenance across four supported lines (8, 9, 10, 11) on a roughly six-week cadence.

lms-edtechsecurity-maintenancelong-tail-supportopen-sourcerelease-cadence
Current state
ILIAS is running a tight coordinated security-release pipeline. Every six weeks or so, paired maintenance releases land for the supported lines (most recently 10.7 and 9.19 on the same day), each one referencing a security blog post and stating 'recommended to update'. ILIAS 11 has now joined the maintained lines as well. The changelog itself is link-only — any specifics live behind the docu.ilias.de portal — so SparkPulse can read cadence and posture from the feed but not the CVE details.
Where it's heading
ILIAS treats long-tail support as a feature: maintenance releases continue to flow to ILIAS 8 (8.26 in December), ILIAS 9, ILIAS 10, and now ILIAS 11. The strict 'do not use the GitHub source-code zip, use the official tarball' instruction repeats on every release, suggesting the team has been burned by users hitting Composer issues with the source archive. No feature signal in this slice — this is operational rigor, not roadmap.
Prediction
Expect the next paired ILIAS 10.x / 9.x / 11.x security maintenance round in roughly six weeks if the cadence holds, plus an eventual 8.x patch as the long-tail 8 line continues to receive fixes. Substantive feature changes will require looking past this RSS surface.

Recent moves

  1. 16d ago

    ILIAS 11.0 maintenance release

    ILIAS 11.0 maintenance release — the 11 line has now joined the active maintenance set. Content is link-only with no specifics in the feed itself; significance for the trajectory is that 11.x is now part of the rotating multi-line patch pipeline.

    View source ↗
  2. 29d ago

    ILIAS 10.7 — security maintenance

    Security maintenance release on the 10 line, paired same-day with 9.19. Recommended-upgrade event for any 10.x deployment; CVE details live in the linked security blog rather than the feed.

    View source ↗
  3. 29d ago

    ILIAS 9.19 — security maintenance

    Paired backport on the 9 line — same-day pairing with 10.7 confirms the coordinated multi-line security pipeline. For organizations pinned to ILIAS 9, the recommended-upgrade flag applies here too.

    View source ↗
  4. 2mo ago

    ILIAS 10.6 — security maintenance

    Earlier installment of the same paired-release pattern: 10.6 lands the same day as 9.18. Same recommended-upgrade framing pointing at a security blog post.

    View source ↗
  5. 2mo ago

    ILIAS 9.18 — security maintenance

    Companion 9.x patch to 10.6 from the previous coordinated round. Same minimal-detail link-only format.

    View source ↗
  6. 4mo ago

    ILIAS 10.5 — security maintenance

    January installment of the same six-weekly security-maintenance arc. Content is link-only; the feed pattern alone is the trajectory signal.

    View source ↗