ckeditor 4.11.1+dfsg-1 source package in Debian
Changelog
ckeditor (4.11.1+dfsg-1) unstable; urgency=high

  * Security release: Fixed XSS vulnerability in the HTML parser reported by maxarr.
    Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to:
    (i) switch CKEditor to source mode, then
    (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and
    (iii) switch back to WYSIWYG mode.
  * Fix minor WYSIWYG mode issues.

 -- Bastien Roucariès <email address hidden>  Wed, 14 Nov 2018 16:04:19 +0100
Upload details
- Uploaded by: Debian Javascript Maintainers
- Uploaded to: Sid
- Original maintainer: Debian Javascript Maintainers
- Architectures: all
- Section: web
- Urgency: Very Urgent
Publishing
Series | Published | Component | Section |
---|---|---|---|
Buster | release | main | web |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ckeditor_4.11.1+dfsg-1.dsc | 2.0 KiB | f0155965784a922a17fd47d08ba053111866f8f9f9f04398b36c688bcd808b89 |
ckeditor_4.11.1+dfsg.orig.tar.xz | 6.8 MiB | d0e24607849fbcffbc29def9535f57c8e983c7eaf054cc06796f00a582441abd |
ckeditor_4.11.1+dfsg-1.debian.tar.xz | 10.5 KiB | d880d3bdcd4fe7f850d5c7ff26281a8f9cb594db2a280b29a8f1ec18358b364c |
Available diffs
- diff from 4.10.1+dfsg-1 to 4.11.1+dfsg-1 (461.7 KiB)
No changes file available.