ckeditor 4.12.1+dfsg-1ubuntu0.1 source package in Ubuntu
Changelog
ckeditor (4.12.1+dfsg-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: code injection in HTML data processor
- debian/patches/CVE-2021-33829.patch: treat --!> as a valid comment
end tag in core/htmlparser.js
- CVE-2021-33289
- CVE-2020-9281
* SECURITY UPDATE: HTML injection in clipboard plugin
- debian/patches/CVE-2021-32809.patch: clean unwanted characters and
tags from clipboard data in plugins/clipboard/plugin.js
- CVE-2021-32809
* SECURITY UPDATE: code injection through fake objects.
- debian/patches/CVE-2021-37695.patch: perform filtering over the
content used to restore real element in fakeobjects/plugin.js.
- CVE-2021-37695
-- David Fernandez Gonzalez <email address hidden> Fri, 18 Mar 2022 11:27:31 +0100
Upload details
- Uploaded by:
- David Fernandez Gonzalez
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- javascript
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | universe | web | |
| Focal | security | universe | web |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ckeditor_4.12.1+dfsg.orig.tar.xz | 7.5 MiB | b9076c89ac4bd6b649feb3e554cd7df7b3ed1d210451bfa806cecef02b39262a |
| ckeditor_4.12.1+dfsg-1ubuntu0.1.debian.tar.xz | 12.9 KiB | e7a079f7a1274e564a8b70c7c5600d5c02a6df9809ef2e9fcbace42ff03260a3 |
| ckeditor_4.12.1+dfsg-1ubuntu0.1.dsc | 2.0 KiB | f97fe9d4fc8c69f9a7df653025651dcc5530bbdc1bd3a612b1cb5bb21038b802 |
Available diffs
Binary packages built by this source
- ckeditor: text editor which can be embedded into web pages
CKEditor is a WYSIWYG editor which can be embedded into web pages.
WYSIWYG means that the text being edited looks as similar
as possible to the results users have when publishing it.
.
It brings to the web common editing features found on desktop
editing applications like Microsoft Word and OpenOffice.
