Updated moodle packages fix multiple security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.9, question strings were not being filtered correctly possibly allowing cross site scripting, as quiz_question_tostring can cause invalid HTML (CVE-2014-2571). Feedback Availability dates not honored in complete.php in Moodle before 2.4.9, therefore it was possible to start a Feedback activity while it was supposed to be closed (CVE-2014-0127). Broken access control vulnerability in Moodle before 2.4.9 with /mod/chat/chat_ajax.php, where capabilities to chat were being checked at the start of a chat, but not during, so changes were not effective immediately (CVE-2014-0122). In Moodle before 2.4.9, there were missing access checks on Wiki pages allowing students to see pages of other students’ individual wikis, through the Recent activity block (CVE-2014-0123). In Moodle before 2.4.9, cross site scripting was possible with Flowplayer (CVE-2013-7341). In Moodle before 2.4.9, Forum and Quiz were showing users’ email addresses when settings were supposed to be preventing this (CVE-2014-0124). In Moodle before 2.4.9, alias links to items in an Alfresco repository were provided with information that would allow someone to impersonate the file owner in Alfresco (CVE-2014-0125). Cross Site Request Forgery in Moodle before 2.4.9 in enrol/imsenterprise/importnow.php, due to inadequate session checking when triggering the import of IMS Enterprise identities (CVE-2014-0126).