Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisoryFedoraXSSFedora 37: CKEditor 4.20 Security Update Critical: XSS Issues
--------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-4c634ee466 2022-11-10 22:04:44.630479 --------------------------------------------------------------------------------Name : ckeditor Product : Fedora 37 Version : 4.20.0 Release : 1.fc37 URL : https://ckeditor.com/ Summary : WYSIWYG text editor to be used inside web pages Description : CKEditor is a text editor to be used inside web pages. It's a WYSIWYG editor, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common editing features found on desktop editing applications like Microsoft Word and OpenOffice. --------------------------------------------------------------------------------Update Information: ## CKEditor 4.20 New Features: * [#5084](https://github.com/ckeditor/ckeditor4/issues/5084): Added the [`config.t abletools_scopedHeaders`](https://ckeditor.com/docs/404.html) configuration option controlling the behaviour of table headers with and without the `[scope]` attribute. * [#5219](https://github.com/ckeditor/ckeditor4/issues/5219): Added the [`config.image2_defaultLockRatio`](https://ckeditor.com/docs/404.html _config.html#cfg-image2_defaultLockRatio) configuration option allowing to setthe default value of the "Lock ratio" option in the [Enhanced Image](https://ckeditor.com/cke4/addon/image2) dialog. * [#2008](https://github.com/ckeditor/ckeditor4/issues/2008): Extended the [Mentions](https://ckeditor.com/cke4/addon/mentions) and [Emoji](https://ckeditor.com/cke4/addon/emoji) plugins with a feature option that adds a space after an accepted autocompletion match. See: * [`configDefinition.followingSpace`](https://ckeditor.com/docs/404.html ITOR_plugins_mentions_configDefinition.html#property-followingSpace) option for the mentions plugin, and *[`config.emoji_followingSpace`](tor.com/docs/ckeditor4/latest/api/CKEDITOR_config.html#cfg-emoji_followingSpace) option for the emoji plugin. * [#5215](https://github.com/ckeditor/ckeditor4/issues/5215): Added the [`config.coreStyles_toggleSubSup`](https://ckeditor.com/docs/404.html) configuration option which disallows setting the subscript and superscript on the same element simultaneously using UI buttons. This option is turned off by default. Fixed Issues: * [#4889](https://github.com/ckeditor/ckeditor4/issues/4889): Fixed: Incorrect position of the [Table Resize](https://ckeditor.com/cke4/addon/tableresize) cursor after scrolling the editor horizontally. * [#5319](https://github.com/ckeditor/ckeditor4/issues/5319): Fixed: [Autolink](https://ckeditor.com/cke4/addon/autolink) [`config.autolink_urlRegex`](https://ckeditor.com/docs/404.html) option produced invalid links when configured directly using the editor instance config. Thanks to [Aigars Zeiza](https://github.com/Zuzon)! * [#4941](https://github.com/ckeditor/ckeditor4/issues/4941): Fixed: Some entities got wrongly encoded when using [`entities_processNumerical true`](https://ckeditor.com/docs/404.html) configuration option. * [#4931](https://github.com/ckeditor/ckeditor4/issues/4931): Fixed: Selecting the whole editor content when there is only a list with an empty element at the end inside and deleting it did not delete all list items. API changes: * [#5122](https://github.com/ckeditor/ckeditor4/issues/5122): Added the ability to provide a list of buttons as an array to the [`config.removeButtons`](https://ckeditor.com/docs/404.html) config variable. * [#2008](https://github.com/ckeditor/ckeditor4/issues/2008): Added [Autocomplete](https://ckeditor.com/cke4/addon/autocomplete) [`followingSp ace`](https://ckeditor.com/docs/404.html) option that finishes an accepted match with a space. ## CKEditor 4.19.1 Fixed Issues: * [#5125](https://github.com/ckeditor/ckeditor4/issues/5125): Fixed: Deleting a widget with disabled[autoParagraph](https://ckeditor.com/docs/404.html) by the keyboard `backspace` key removes the editor editable area and crashes the editor. * [#5135](https://github.com/ckeditor/ckeditor4/issues/5135): Fixed: The [`checkbo x.setValue`](https://ckeditor.com/docs/404.html) and [`radio.setValue`](https://ckeditor.com/docs/404.html keditor4/latest/api/CKEDITOR_ui_dialog_radio.html#method-setValue) methods are not chainable as stated in the documentation. Thanks to [Jordan Bradford](https://github.com/LordPachelbel)! * [#5085](https://github.com/ckeditor/ckeditor4/issues/5085): Fixed: The [Language](https://ckeditor.com/cke4/addon/language) plugin removes the element marking the text in foreign language if said element does not have an information about the text direction. * [#4284](https://github.com/ckeditor/ckeditor4/issues/4284): Fixed: [Tableselection](https://ckeditor.com/cke4/addon/tableselection) Merging cells with a rowspan throws an unexpected error and does not create an undo step. * [#5184](https://github.com/ckeditor/ckeditor4/issues/5184): Fixed: The [Editor Placeholder](https://ckeditor.com/cke4/addon/wysiwygarea) plugin degrades typing performance. * [#5158](https://github.com/ckeditor/ckeditor4/issues/5158): Fixed: [`CKEDITOR.tools#convertToPx()`](https://ckeditor.com/docs/404.html) gives invalid results if the helper calculator element was deleted from the DOM. * [#5234](https://github.com/ckeditor/ckeditor4/issues/5234): Fixed: [Easy Image](https://ckeditor.com/cke4/addon/easyimage) doesn't allow to upload images files using toolbar button. * [#438](https://github.com/ckeditor/ckeditor4/issues/438): Fixed: It is impossible to navigate to the [elementspath](https://ckeditor.com/cke4/addon/elementspath) from the [toolbar](https://ckeditor.com/cke4/addon/toolbar) by keyboard and vice versa. * [#4449](https://github.com/ckeditor/ckeditor4/issues/4449): Fixed: [`dialog.vali date#functions`](https://ckeditor.com/docs/404.html#method-functions) incorrectly composes functionsthat return an optional error message, like e.g. [`dialog.validate.number`](https://ckeditor.com/docs/404.html#method-number) due to unnecessary return type coercion. * [#4473](https://github.com/ckeditor/ckeditor4/issues/4473): Fixed: The [dialog.v alidate](https://ckeditor.com/docs/404.html) method does not accept parameter value. The issue originated in [dialog.v alidate.functions](https://ckeditor.com/docs/404.html#method-functions) method that did not properly propagate parameter value to validator. Affected validators: * [`functions`](https://ckeditor.com/docs/404.html#method-functions) * [`equals`](https://ckeditor.com/docs/404.html#method-equals) * [`notEqual`](tor.com/docs/ckeditor4/latest/api/CKEDITOR_dialog_validate.html#method-notEqual) * [`cssLength`](https://ckeditor.com/docs/404.html#method-cssLength) * [`htmlLength`](s/ckeditor4/latest/api/CKEDITOR_dialog_validate.html#method-htmlLength) * [`inlineStyle`](https://ckeditor.com/docs/404.html#method-inlineStyle) * [#5147](https://github.com/ckeditor/ckeditor4/issues/5147): Fixed: The [Accessibility Help](https://ckeditor.com/cke4/addon/a11yhelp) dialog does not contain info about focus being moved back to the editing area upon leaving dialogs. * [#5144](https://github.com/ckeditor/ckeditor4/issues/5144): Fixed: [Menu buttons](https://ckeditor.com/cke4/addon/menubutton) and [panel buttons](https://ckeditor.com/cke4/addon/panelbutton) incorrectly indicate the open status of their associated pop-up menus in the browser's accessibility tree. * [#5022](https://github.com/ckeditor/ckeditor4/issues/5022): Fixed: [Find and Replace](https://ckeditor.com/cke4/addon/find) does not respond to the `Enter` key. API changes: * [#5184](https://github.com/ckeditor/ckeditor4/issues/5184): Added the [`config.e ditorplaceholder_delay`](https://ckeditor.com/docs/404.html) configuration option allowing to delay placeholder before it is toggled when changing editor content.* [#5184](https://github.com/ckeditor/ckeditor4/issues/5184): Added the [`CKEDITOR.tools#debounce()`](https://ckeditor.com/docs/404.html) function allowing to postpone a passed function execution until the given milliseconds have elapsed since the last time it was invoked. ## CKEditor 4.19.0 New features: * [#2444](https://github.com/ckeditor/ckeditor4/issues/2444): Togglable toolbar buttons are now exposed as toggle buttons in the browser's accessibility tree. * [#4641](https://github.com/ckeditor/ckeditor4/issues/4641): Added an option allowing to cancel the [Delayed Editor Creation](https://ckeditor.com/docs/404.html) feature as a function handle for editor creators ([`CKEDITOR.replace`](https://ckeditor.com/docs/404.html), [`CKEDITOR.inline`](s/ckeditor4/latest/api/CKEDITOR.html#method-inline), [`CKEDITOR.appendTo`](https://ckeditor.com/docs/404.html). * [#4986](https://github.com/ckeditor/ckeditor4/issues/4986): Added [`config.shift LineBreaks`](https://ckeditor.com/docs/404.html) allowing to preserve inline elements formatting when the `shift`+`enter` keystroke is used. * [#2445](https://github.com/ckeditor/ckeditor4/issues/2445): Added [`config.applicationTitle`](https://ckeditor.com/docs/404.html) configuration option allowing to customize or disable the editor's application region label. This option, combined with [`config.title `](https://ckeditor.com/docs/404.html), gives much better control over the editor's labels read by screen readers. Fixed Issues: * [#4543](https://github.com/ckeditor/ckeditor4/issues/4543): Fixed: Toolbar buttons toggle state is not correctly announced by screen readers lacking the information whether the feature is on or off. * [#4052](https://github.com/ckeditor/ckeditor4/issues/4052): Fixed: Editor labels are read incorrectly by screen readers due to invalid editor control type for the [Iframe Editing Area](https://ckeditor.com/cke4/addon/wysiwygarea) editors. * [#1904](https://github.com/ckeditor/ckeditor4/issues/1904): Fixed: Screen readers arenot announcing the read-only editor state. * [#4904](https://github.com/ckeditor/ckeditor4/issues/4904): Fixed: Table cell selection and navigation with the `tab` key behavior is inconsistent after adding a new row. * [#3394](https://github.com/ckeditor/ckeditor4/issues/3394): Fixed: [Enhanced image](https://ckeditor.com/cke4/addon/image2) plugin dialog is not supporting URL with query string parameters. Thanks to [Simon Urli](https://github.com/surli)! * [#5049](https://github.com/ckeditor/ckeditor4/issues/5049): Fixed: The editor fails in strict mode due to not following the `use strict` directives in a core editor module. * [#5095](https://github.com/ckeditor/ckeditor4/issues/5095): Fixed: The [clipboard](https://ckeditor.com/cke4/addon/clipboard) plugin shows notification about unsupported file format when the file type is different than `jpg`, `gif`, `png`, not respecting [supported types](https://ckeditor.com/docs/404.html) by the [Upload Widget](https://ckeditor.com/cke4/addon/uploadwidget) plugin. * [#4855](https://github.com/ckeditor/ckeditor4/issues/4855): [iOS] Fixed: Focusing toolbar buttons with an enabled VoiceOver screen reader moves the browser focus into an editable area and interrupts button functionality. API changes: * [#4641](https://github.com/ckeditor/ckeditor4/issues/4641): The [`CK EDITOR.replace`](https://ckeditor.com/docs/404.html), [`CKEDITOR.inline`](https://ckeditor.com/docs/404.html), [`CKEDITOR.appendTo`](https://ckeditor.com/docs/404.html functions are now returning a handle function allowing to cancel the [Delayed Editor Creation](https://ckeditor.com/docs/404.html) feature. * [#5095](https://github.com/ckeditor/ckeditor4/issues/5095): Added the [CKEDITOR. plugins.clipboard.addFileMatcher](https://ckeditor.com/docs/404.html) function allowing to define file formats supported by the [clipboard](https://ckeditor.com/cke4/addon/clipboard) plugin. Trying to paste unsupported files will result in a notification that a file cannot be dropped or pasted intothe editor. * [#2445](https://github.com/ckeditor/ckeditor4/issues/2445): Added [`config.appli cationTitle`](https://ckeditor.com/docs/404.html) alongside [`CKEDITOR.editor#applicationTitle`](https://ckeditor.com/docs/404.html) to allow customizing editor's application region label. ## CKEditor 4.18.0 **Security Updates:** * Fixed an XSS vulnerability in the core module reported by GitHub Security Lab team member [Kevin Backhouse](https://github.com/kevinbackhouse). Issue summary: The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing a JavaScript code. See [CVE-2022-24728](https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-4fc4-4p5g-6w89) for more details. * Fixed a Regular expression Denial of Service (ReDoS) vulnerability in dialog plugin discovered by the CKEditor 4 team during our regular security audit. Issue summary: The vulnerability allowed to abuse a dialog input validator regular expression, which could cause a significant performance drop resulting in a browser tab freeze. See [CVE-2022-24729](https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh) for more details. You can read more details in the relevant security advisory and [contact us](
Nov 10, 2022
•Critical
Fedora
89
security advisoryfedoraxss fixFedora 27 FEDORA-2018-e29c7d10da Critical: CKEditor XSS Fix
## 4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 ### Security Updates - Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at . --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-e29c7d10da 2018-05-10 19:17:16.408171 --------------------------------------------------------------------------------Name : ckeditor Product : Fedora 27 Version : 4.9.2 Release : 1.fc27 URL : https://ckeditor.com/ Summary : WYSIWYG text editor to be used inside web pages Description : CKEditor is a text editor to be used inside web pages. It's a WYSIWYG editor, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common editing features found on desktop editing applications like Microsoft Word and OpenOffice. --------------------------------------------------------------------------------Update Information: ## 4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 ### Security Updates - Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin. ## 4.9.1 https://ckeditor.com/cke4/release/CKEditor-4.9.1 ### Fixed Issues - \#1835: Fixed: Integration between CKFinder and File Browser plugin does not work. ## 4.9.0 https://ckeditor.com/cke4/release/CKEditor-4.9.0 ### New Features -\#932: Introduced Easy Image feature for inserting images that areautomatically rescaled, optimized, responsive and delivered through a blazing-fast CDN. Three new plugins were added to support it: - Easy Image - Cloud Services - Image Base - \#1338: Keystroke labels are displayed for function keys (like F7, F8). - \#643: The File Browser plugin can now upload files using XHR requests. This allows for setting custom HTTP headers using the config.fileTools_requestHeaders configuration option. - \#1365: The File Browser plugin uses XHR requests by default. - \#1399: Added the possibility to set CKEDITOR.config.startupFocus as start or end to specify where the editor focus should be after the initialization. - \#1441: The Magic Line plugin line element can now be identified by the data-cke-magic-line="1" attribute. ### Fixed Issues - \#595: Fixed: Pasting does not work on mobile devices. - \#869: Fixed: Empty selection clears cached clipboard data in the editor. - \#1419: Fixed: The Widget Selection plugin selects the editor content with the Alt+A key combination on Windows. - \#1274: Fixed: Balloon Toolbar does not match a single selected image using the contextDefinition.cssSelectormatcher. - \#1232: Fixed: Balloon Toolbar buttons should be registered as focusable elements. - \#1342: Fixed: Balloon Toolbar should be re-positioned after the change event. - \#1426: [IE8-9] Fixed: Missing Balloon Toolbar background in the Kama skin. Thanks to Christian Elmer! - \#1470: Fixed: Balloon Toolbar is not visible after drag and drop of a widget it is attached to. - \#1048: Fixed: Balloon Panel is not positioned properly when a margin is added to its non-static parent. - \#889: Fixed: Unclear error message for width and height fields in the Image and Enhanced Image plugins. - \#859: Fixed: Cannot edit a link after a double-click on the text in the link. - \#1013: Fixed: Paste from Word does not work correctly with the config.forcePasteAsPlainText option. - \#1356: Fixed: Border parse function does not allow spaces in the color value. - \#1010: Fixed:The CSS border shorthand property was incorrectly expanded ignoring the border-color style. - \#1535: Fixed: Widget mouseover border contrast is insufficient. -\#1516: Fixed: Fake selection allows removing content in read-only mode using the Backspace and Delete keys. - \#1570: Fixed: Fake selection allows cutting content in read-only mode using the Ctrl/Cmd + X keys. - \#1363: Fixed: Paste notification is unclear and it might confuse users. ### API Changes - \#1346: Balloon Toolbar context manager API is now available in the pluginDefinition.init method of the requiringplugin. - \#1530: Added the possibility to use custom icons for buttons. ### Other Changes - Updated SCAYT (Spell Check As You Type) and WebSpellChecker plugins: - SCAYT scayt_minWordLength configuration option now defaults to 3 instead of 4. -SCAYT default number of suggested words in the context menu changed to 3. -\#90: Fixed: Selection is lost on link creation if SCAYT highlights the word. - Fixed: SCAYT crashes when the browser localStorage is disabled. - [IE11] Fixed: Unable to get property type of undefined or null reference error in the browser console when SCAYT is disabled/enabled. - \#46: Fixed: Editing is blocked when remote spell checker server is offline. - Fixed: User Dictionary cannot be created in WSC due to You already have the dictionary error. - Fixed: Words with apostrophe ' on the replacement make the WSC dialog inaccessible. - Fixed: SCAYT/WSC causes the Uncaught TypeError error in the browser console. - \#1337: Updated the samples layout with the new CKEditor 4 logo and color scheme. - \#1591: CKBuilder and language tools are now downloaded over HTTPS. Thanks to August Detlefsen! --------------------------------------------------------------------------------ChangeLog: * Sun Apr 29 2018 Shawn Iwinski - 4.9.2-1 - Update to 4.9.2 (RHBZ #1556589) - Fix license files * Wed Feb 7 2018 Fedora Release Engineering - 4.8.0-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Dec 14 2017 Shawn Iwinski - 4.8.0-1 - Update to 4.8.0 (RHBZ #1525735) * Sun Oct 8 2017 Shawn Iwinski - 4.7.3-1 - Update to 4.7.3 (RHBZ #1491261) --------------------------------------------------------------------------------References: [ 1 ] Bug #1556589 - ckeditor-4.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1556589 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-e29c7d10da' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 10, 2018
•Critical
Fedora
89
security advisoryfedorasecurity fixFedora 26: 2018-1361f39801 Critical: CKEditor XSS Problem Fix
## 4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 ### Security Updates - Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at . --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-1361f39801 2018-05-10 19:10:38.100931 --------------------------------------------------------------------------------Name : ckeditor Product : Fedora 26 Version : 4.9.2 Release : 1.fc26 URL : https://ckeditor.com/ Summary : WYSIWYG text editor to be used inside web pages Description : CKEditor is a text editor to be used inside web pages. It's a WYSIWYG editor, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common editing features found on desktop editing applications like Microsoft Word and OpenOffice. --------------------------------------------------------------------------------Update Information: ## 4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 ### Security Updates - Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin. ## 4.9.1 https://ckeditor.com/cke4/release/CKEditor-4.9.1 ### Fixed Issues - \#1835: Fixed: Integration between CKFinder and File Browser plugin does not work. ## 4.9.0 https://ckeditor.com/cke4/release/CKEditor-4.9.0 ### New Features -\#932: Introduced Easy Image feature for inserting images that areautomatically rescaled, optimized, responsive and delivered through a blazing-fast CDN. Three new plugins were added to support it: - Easy Image - Cloud Services - Image Base - \#1338: Keystroke labels are displayed for function keys (like F7, F8). - \#643: The File Browser plugin can now upload files using XHR requests. This allows for setting custom HTTP headers using the config.fileTools_requestHeaders configuration option. - \#1365: The File Browser plugin uses XHR requests by default. - \#1399: Added the possibility to set CKEDITOR.config.startupFocus as start or end to specify where the editor focus should be after the initialization. - \#1441: The Magic Line plugin line element can now be identified by the data-cke-magic-line="1" attribute. ### Fixed Issues - \#595: Fixed: Pasting does not work on mobile devices. - \#869: Fixed: Empty selection clears cached clipboard data in the editor. - \#1419: Fixed: The Widget Selection plugin selects the editor content with the Alt+A key combination on Windows. - \#1274: Fixed: Balloon Toolbar does not match a single selected image using the contextDefinition.cssSelectormatcher. - \#1232: Fixed: Balloon Toolbar buttons should be registered as focusable elements. - \#1342: Fixed: Balloon Toolbar should be re-positioned after the change event. - \#1426: [IE8-9] Fixed: Missing Balloon Toolbar background in the Kama skin. Thanks to Christian Elmer! - \#1470: Fixed: Balloon Toolbar is not visible after drag and drop of a widget it is attached to. - \#1048: Fixed: Balloon Panel is not positioned properly when a margin is added to its non-static parent. - \#889: Fixed: Unclear error message for width and height fields in the Image and Enhanced Image plugins. - \#859: Fixed: Cannot edit a link after a double-click on the text in the link. - \#1013: Fixed: Paste from Word does not work correctly with the config.forcePasteAsPlainText option. - \#1356: Fixed: Border parse function does not allow spaces in the color value. - \#1010: Fixed:The CSS border shorthand property was incorrectly expanded ignoring the border-color style. - \#1535: Fixed: Widget mouseover border contrast is insufficient. -\#1516: Fixed: Fake selection allows removing content in read-only mode using the Backspace and Delete keys. - \#1570: Fixed: Fake selection allows cutting content in read-only mode using the Ctrl/Cmd + X keys. - \#1363: Fixed: Paste notification is unclear and it might confuse users. ### API Changes - \#1346: Balloon Toolbar context manager API is now available in the pluginDefinition.init method of the requiringplugin. - \#1530: Added the possibility to use custom icons for buttons. ### Other Changes - Updated SCAYT (Spell Check As You Type) and WebSpellChecker plugins: - SCAYT scayt_minWordLength configuration option now defaults to 3 instead of 4. -SCAYT default number of suggested words in the context menu changed to 3. -\#90: Fixed: Selection is lost on link creation if SCAYT highlights the word. - Fixed: SCAYT crashes when the browser localStorage is disabled. - [IE11] Fixed: Unable to get property type of undefined or null reference error in the browser console when SCAYT is disabled/enabled. - \#46: Fixed: Editing is blocked when remote spell checker server is offline. - Fixed: User Dictionary cannot be created in WSC due to You already have the dictionary error. - Fixed: Words with apostrophe ' on the replacement make the WSC dialog inaccessible. - Fixed: SCAYT/WSC causes the Uncaught TypeError error in the browser console. - \#1337: Updated the samples layout with the new CKEditor 4 logo and color scheme. - \#1591: CKBuilder and language tools are now downloaded over HTTPS. Thanks to August Detlefsen! --------------------------------------------------------------------------------ChangeLog: * Sun Apr 29 2018 Shawn Iwinski - 4.9.2-1 - Update to 4.9.2 (RHBZ #1556589) - Fix license files * Wed Feb 7 2018 Fedora Release Engineering - 4.8.0-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Dec 14 2017 Shawn Iwinski - 4.8.0-1 - Update to 4.8.0 (RHBZ #1525735) * Sun Oct 8 2017 Shawn Iwinski - 4.7.3-1 - Update to 4.7.3 (RHBZ #1491261) * Wed Aug 30 2017 Shawn Iwinski - 4.7.2-1 - Update to 4.7.2 (RHBZ #1482711) * Wed Jul 26 2017 Fedora Release Engineering - 4.7.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Sat Jul 8 2017 Shawn Iwinski - 4.7.1-1 - Update to 4.7.1 (RHBZ #1455719) --------------------------------------------------------------------------------References: [ 1 ] Bug #1556589 - ckeditor-4.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1556589 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-1361f39801' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 10, 2018
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!