Format: 1.8
Date: Wed, 14 Nov 2018 16:04:19 +0100
Source: ckeditor
Binary: ckeditor
Architecture: source
Version: 4.11.1+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 ckeditor - text editor which can be embedded into web pages
Changes:
 ckeditor (4.11.1+dfsg-1) unstable; urgency=high
 .
   * Security release: Fixed XSS vulnerability in the HTML parser reported by
     maxarr. Issue summary: It was possible to execute XSS inside CKEditor
     after persuading the victim to: (i) switch CKEditor to source mode, then
     (ii) paste a specially crafted HTML code, prepared by the attacker, into
     the opened CKEditor source area, and (iii) switch back to WYSIWYG mode.
   * Fix minor WYSIWYG mode issues.