Security release for djangocms-text-ckeditor


Jacob Rief

Aug 4, 2020, 5:51:46 AM
to django CMS developers
I'd like to release a new version of djangocms-text-ckeditor. Possible versions would either be 3.9.2 or 3.10.0.
This is because we really should upgrade to a newer version of CKEditor, since the current one (4.7.3) has a documented XSS vulnerability.

If there are no objections, I will use version number 3.10.0. In my opinion a minor version number increase is appropriate here, since CKEditor
version 4.14.1 also adds a lot of new features.

– Jacob

Iacopo Spalletti

Aug 4, 2020, 6:34:00 AM
to django-cms...@googlegroups.com
On 04/08/20 11:51, Jacob Rief wrote:
> I'd like to release a new version of djangocms-text-ckeditor
> <https://github.com/divio/djangocms-text-ckeditor>. Possible versions
> would either be 3.9.2 or 3.10.0.
> This is because we really should upgrade to a newer version of CKEditor,
> since the current one (4.7.3) has a documented XSS vulnerability.
>
> If there are no objections, I will use version number 3.10.0. In my
> opinion a minor version number increase is appropriate here, since CKEditor
> version 4.14.1 also adds a lot of new features.


:+1: from me for the update and releasing it at 3.10.0

Iacopo



>
> – Jacob
>
> --
> Message URL:
> https://groups.google.com/d/msg/django-cms-developers/topic-id/message-id
> Unsubscribe: send a message to
> django-cms-devel...@googlegroups.com
> ---
> You received this message because you are subscribed to the Google
> Groups "django CMS developers" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-cms-devel...@googlegroups.com
> <mailto:django-cms-devel...@googlegroups.com>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/django-cms-developers/5eaee04d-1ba6-4d7d-b2ea-83e49de0a3dfo%40googlegroups.com
> <https://groups.google.com/d/msgid/django-cms-developers/5eaee04d-1ba6-4d7d-b2ea-83e49de0a3dfo%40googlegroups.com?utm_medium=email&utm_source=footer>.


--
Iacopo Spalletti

Nephila - Firenze
Phone: +39 055 5357189
Support: +39 055 3985730
https://nephila.digital


Jacob Rief

Aug 5, 2020, 8:51:39 AM
to django CMS developers
Hi folks,

I have released a security update for https://github.com/divio/djangocms-text-ckeditor as version 3.10.0.
It fixes an XSS vulnerability found in earlier versions of CKEditor. This release upgrades CKEditor to version 4.14.0.

– Jacob

Mario Colombo

Aug 5, 2020, 8:54:14 AM
to django-cms...@googlegroups.com
Thank you Jacob! Much appreciated!

--
Mario Colombo
Partner

what. creates digital success.

Kreuzstrasse 24
8008 Zürich

