Package: knowledgeroot Severity: grave Tags: security Justification: user security hole
As far as I can see, knowledgeroot includes FCKeditor and TinyMCE, which had many security issues in the past. Please check whether these issues are fixed in the versions that are included in knowledgeroot. For FCKeditor I found: CVE-2006-3362 CVE-2006-2529 CVE-2006-0921 CVE-2006-0658 CVE-2005-4094 CVE-2005-4095 CVE-2005-0613 For TinyMCE, I found: CVE-2005-4599 CVE-2005-4600 CVE-2006-3602 Some of these are probably identical because these editors are included in many products which might have individual CVE-IDs assigned. If any security issue needs fixing in knowledgeroot, please mention the CVE-IDs in the changelog. Thanks in advance. Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]