CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Discussion (deprecated) »
  • Feature Requests and Suggestions (Moderator: Dave Greenberg) »
  • ckeditor upgrade for security fix
Pages: [1]

Author Topic: ckeditor upgrade for security fix  (Read 1670 times)

chiebert

  • I post occasionally
  • **
  • Posts: 50
  • Karma: 1
  • CiviCRM version: 4.3
  • CMS version: Drupal 7
  • MySQL version: 5.1
  • PHP version: 5.3
ckeditor upgrade for security fix
June 15, 2011, 04:39:43 pm
Not sure where to post this, but the security team at Drupal has alerted that community to a security issue in the (unrelated) Ckeditor project and is urging their users to update their copies of that library to 3.5.4 or later. Here's a link to the Ckeditor release announcement for 3.5.4, which mentions the XSS vulnerability it fixes: http://ckeditor.com/blog/CKEditor_3.5.4_released. Currently CiviCRM includes Ckeditor 3.5 (as of Civi 4.0.3).

Kurund Jalmi

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4169
  • Karma: 128
    • CiviCRM
  • CiviCRM version: 4.x, future
  • CMS version: Drupal 7, Joomla 3.x
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: ckeditor upgrade for security fix
June 16, 2011, 10:45:31 am
Thanks for the information, we will upgrade CKeditor for 3.4.4 / 4.0.4 release.

Kurund
Found this reply helpful? Support CiviCRM
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Discussion (deprecated) »
  • Feature Requests and Suggestions (Moderator: Dave Greenberg) »
  • ckeditor upgrade for security fix

This forum was archived on 2017-11-26.