mahara-contributors team mailing list archive

Thread
Date

[Bug 1962805] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1962805@xxxxxxxxxxxxxxxxxx>
Date: Wed, 09 Mar 2022 20:47:48 -0000
Reply-to: Bug 1962805 <1962805@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Reviewed:  https://reviews.mahara.org/12465
Committed: https://git.mahara.org/mahara/mahara/commit/b7135e1cdc8de8743c7733b19089ede231f26412
Submitter: Robert Lyon (robertl@xxxxxxxxxxxxxxx)
Branch:    main

commit b7135e1cdc8de8743c7733b19089ede231f26412
Author: Dianne Tennent <dianne.tennent@xxxxxxxxxxxxxxx>
Date:   Fri Mar 4 10:23:09 2022 +1300

Bug 1962805: Upgrade TinyMCE from 5.8.2 to 5.10.2

Change-Id: Ia4ff0be3fb1627be95be825299b9def63807454f

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: mahara-contributors
https://bugs.launchpad.net/bugs/1962805

Title:
  Upgrade TinyMCE from 5.8.2 to 5.10.2

Status in Mahara:
  Fix Committed

Bug description:
  https://www.tiny.cloud/blog/new-release-tinymce-5-10/

      An upgrade to our Dom API to enhance URL security 
      Adding user-friendly enhancement to our VK API 
      Added ability for engineers to turn off deprecation console warning messages 
      Upgrades to our element API, relating to scrolling 

  
  https://www.tiny.cloud/docs/release-notes/release-notes510/
  Security fixes

  TinyMCE 5.10 provides fixes for the following security issues.

  Fixed URLs not cleaned correctly in some cases in the link and image
  plugins. This caused a medium severity Cross Site Scripting (XSS)
  vulnerability. Tiny Technologies would like to thank Yakir6 for
  discovering this vulnerability.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1962805/+subscriptions

References

[Bug 1962805] [NEW] Upgrade TinyMCE from 5.8.2 to 5.10.2
From: Dianne Tennent, 2022-03-03