Publishing details
Changelog
ckeditor (4.12.1+dfsg-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: code injection in HTML data processor
- debian/patches/CVE-2021-33829.patch: treat --!> as a valid comment
end tag in core/htmlparser.js
- CVE-2021-33289
- CVE-2020-9281
* SECURITY UPDATE: HTML injection in clipboard plugin
- debian/patches/CVE-2021-32809.patch: clean unwanted characters and
tags from clipboard data in plugins/clipboard/plugin.js
- CVE-2021-32809
* SECURITY UPDATE: code injection through fake objects.
- debian/patches/CVE-2021-37695.patch: perform filtering over the
content used to restore real element in fakeobjects/plugin.js.
- CVE-2021-37695
-- David Fernandez Gonzalez <email address hidden> Fri, 18 Mar 2022 11:27:31 +0100
Builds
Built packages
-
ckeditor
text editor which can be embedded into web pages
Package files