Debian Package Tracker
Register | Log in
Subscribe

tinymce

platform independent web based Javascript/HTML WYSIWYG editor

Choose email to subscribe with

general
  • source: tinymce (main)
  • version: 3.4.8+dfsg0-2
  • maintainer: Debian QA Group (DMD)
  • arch: all
  • std-ver: 4.0.0
  • VCS: unknown
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.4.8+dfsg0-1
  • oldstable: 3.4.8+dfsg0-2
versioned links
  • 3.4.8+dfsg0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.4.8+dfsg0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • tinymce
package is gone
This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.
action needed
4 low-priority security issues in buster low

There are 4 open security issues in buster.

4 issues left for the package maintainer to handle:
  • CVE-2012-4230: (needs triaging) The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors, as demonstrated using a textarea element.
  • CVE-2020-12648: (needs triaging) A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.
  • CVE-2020-17480: (needs triaging) TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
  • CVE-2019-1010091: (needs triaging) tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-12-05 06:30
news
[rss feed]
  • [2020-12-16] tinymce REMOVED from testing (Debian testing watch)
  • [2020-12-14] Removed 3.4.8+dfsg0-3 from unstable (Debian FTP Masters)
  • [2020-04-10] tinymce 3.4.8+dfsg0-3 MIGRATED to testing (Debian testing watch)
  • [2020-04-04] Accepted tinymce 3.4.8+dfsg0-3 (source) into unstable (Joao Eriberto Mota Filho)
  • [2017-08-10] tinymce 3.4.8+dfsg0-2 MIGRATED to testing (Debian testing watch)
  • [2017-08-05] Accepted tinymce 3.4.8+dfsg0-2 (source) into unstable (Joao Eriberto Mota Filho)
  • [2012-03-16] tinymce 3.4.8+dfsg0-1 MIGRATED to testing (Debian testing watch)
  • [2012-03-06] Accepted tinymce 3.4.8+dfsg0-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2011-07-26] tinymce 3.4.3.2+dfsg0-1 MIGRATED to testing (Debian testing watch)
  • [2011-07-15] Accepted tinymce 3.4.3.2+dfsg0-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2011-06-03] tinymce 3.4.2+dfsg0-1 MIGRATED to testing (Debian testing watch)
  • [2011-05-23] Accepted tinymce 3.4.2+dfsg0-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-12-30] Accepted tinymce 3.3.9.3+dfsg0-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-12-13] tinymce 3.3.8+dfsg0-0.1 MIGRATED to testing (Debian testing watch)
  • [2010-12-02] Accepted tinymce 3.3.8+dfsg0-0.1 (source all) (Didier Raboud) (signed by: Xavier Oswald)
  • [2010-07-23] tinymce 3.3.8-1 MIGRATED to testing (Debian testing watch)
  • [2010-07-12] Accepted tinymce 3.3.8-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-06-22] tinymce 3.3.7-1 MIGRATED to testing (Debian testing watch)
  • [2010-06-11] Accepted tinymce 3.3.7-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-06-05] tinymce 3.3.6-1 MIGRATED to testing (Debian testing watch)
  • [2010-05-25] Accepted tinymce 3.3.6-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-05-19] Accepted tinymce 3.3.5.1-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-05-09] tinymce 3.3.4-1 MIGRATED to testing (Debian testing watch)
  • [2010-04-28] Accepted tinymce 3.3.4-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-04-24] Accepted tinymce 3.3.3-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2010-04-14] tinymce 3.3.2-1 MIGRATED to testing (Debian testing watch)
  • [2010-04-03] Accepted tinymce 3.3.2-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2009-10-12] tinymce 3.2.7-1 MIGRATED to testing (Debian testing watch)
  • [2009-10-01] Accepted tinymce 3.2.7-1 (source all) (Frank Habermann) (signed by: Daniel Baumann)
  • [2009-08-31] tinymce 3.2.6-1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • buildd: logs, clang
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing