ICEfaces
  1. ICEfaces
  2. ICE-11563

Update our CKEditor code with new security fixes

    Details

    • Type: Task Task
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: EE-4.3.0.GA_P05, EE-3.3.0.GA_P11
    • Component/s: ACE-Components
    • Labels:
      None
    • Environment:
      Any

      Description

      For our previous patch release, we updated our CKEditor code to version 4.22.1, which is the last version of the non-LTS CKEditor 4 line. Since then a number of vulnerabilities have been found and the respective fixes have been applied to the CKEditor 4 LTS, which is now at version 4.25.0. Since we don't use the LTS variant of CKEditor 4, we have to apply these security updates manually to our existing code. This JIRA is to apply those fixes.

      More specific details about these vulnerabilities can be found on this page:

      https://security.snyk.io/package/npm/ckeditor4/4.22.1

        Activity

        Arturo Zambrano created issue -
        Arturo Zambrano made changes -
        Field Original Value New Value
        Fix Version/s EE-3.3.0.GA_P12 [ 14176 ]
        Arturo Zambrano made changes -
        Fix Version/s EE-4.3.0.GA_P06 [ 14175 ]
        Arturo Zambrano made changes -
        Affects Version/s EE-4.3.0.GA_P05 [ 14073 ]

          People

          • Assignee:
            Arturo Zambrano
            Reporter:
            Arturo Zambrano
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated: