Details
-
Type:
Improvement
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: EE-4.3.0.GA_P04, EE-3.3.0.GA_P10
-
Fix Version/s: EE-4.3.0.GA_P05, EE-3.3.0.GA_P11
-
Component/s: ACE-Components
-
Labels:None
-
Environment:Any
Description
The latest version of CKEditor 4, which is used by our ace:richTextEntry component, contains a number of security fixes among other improvements. Since a number of supported customers have inquired about possible security vulnerabilities in our current version of CKEditor (4.5.8), it is a good moment to upgrade our CKEditor sources to the latest (and last) available version of CKEditor 4 (4.22.1).
Activity
| Field | Original Value | New Value |
|---|---|---|
| Assignee | Arturo Zambrano [ artzambrano ] |
| Fix Version/s | EE-4.3.0.GA_P05 [ 14073 ] | |
| Fix Version/s | EE-3.3.0.GA_P11 [ 14074 ] |
| Status | Open [ 1 ] | Resolved [ 5 ] |
| Resolution | Fixed [ 1 ] |
The CKEditor used by ace:richTextEntry was upgraded to version 4.22.1. Several fixes and tweaks were made in the CKEditor code itself to make it work with ICEfaces and with JSF in general. All these changes are noted in the readme.txt file in the /richtextentry folder, under the resources folder of ACE components.