ckeditor 4.12.1+dfsg-1ubuntu0.1 source package in Ubuntu

Changelog

ckeditor (4.12.1+dfsg-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: code injection in HTML data processor
    - debian/patches/CVE-2021-33829.patch: treat --!> as a valid comment
      end tag in core/htmlparser.js
    - CVE-2021-33289
    - CVE-2020-9281
  * SECURITY UPDATE: HTML injection in clipboard plugin
    - debian/patches/CVE-2021-32809.patch: clean unwanted characters and
      tags from clipboard data in plugins/clipboard/plugin.js
    - CVE-2021-32809
  * SECURITY UPDATE: code injection through fake objects.
    - debian/patches/CVE-2021-37695.patch: perform filtering over the
      content used to restore real element in fakeobjects/plugin.js.
    - CVE-2021-37695

 -- David Fernandez Gonzalez <email address hidden>  Fri, 18 Mar 2022 11:27:31 +0100

Upload details

Uploaded by:
David Fernandez Gonzalez
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
javascript
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates universe web
Focal security universe web

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
ckeditor_4.12.1+dfsg.orig.tar.xz 7.5 MiB b9076c89ac4bd6b649feb3e554cd7df7b3ed1d210451bfa806cecef02b39262a
ckeditor_4.12.1+dfsg-1ubuntu0.1.debian.tar.xz 12.9 KiB e7a079f7a1274e564a8b70c7c5600d5c02a6df9809ef2e9fcbace42ff03260a3
ckeditor_4.12.1+dfsg-1ubuntu0.1.dsc 2.0 KiB f97fe9d4fc8c69f9a7df653025651dcc5530bbdc1bd3a612b1cb5bb21038b802

View changes file

Binary packages built by this source

ckeditor: text editor which can be embedded into web pages

 CKEditor is a WYSIWYG editor which can be embedded into web pages.
 WYSIWYG means that the text being edited looks as similar
 as possible to the results users have when publishing it.
 .
 It brings to the web common editing features found on desktop
 editing applications like Microsoft Word and OpenOffice.