Bug #1266976 “Update to HTMLPurifier 4.6.0” : Bugs : Mahara

Bug Description

HTMLPurifier 4.6.0 came out in November 30, and it's a security release. So, we should update our version to that, and since it's a security release we should also backport it to 1.6, 1.7, and 1.8.

http://htmlpurifier.org/news/

Tags: Edit Tag help

CVE References

2013-7414

Mahara Bot (dev-mahara) wrote on 2014-01-14: A patch has been submitted for review

Patch for "master" branch: https://reviews.mahara.org/2909

Mahara Bot (dev-mahara) wrote on 2014-01-14: A change has been merged

Reviewed: https://reviews.mahara.org/2909
Committed: http://gitorious.org/mahara/mahara/commit/b1211089e661ce6f9b7de8aade0e86a7dbeaa136
Submitter: Aaron Wells (<email address hidden>)
Branch: master

commit b1211089e661ce6f9b7de8aade0e86a7dbeaa136
Author: Robert Lyon <email address hidden>
Date: Tue Jan 14 16:00:09 2014 +1300

Updating HTMLPurifier to version 4.6.0 (Bug #1266976)

Change-Id: I1a6145ca25ecde56c83f2540d04874e973e926f6
Signed-off-by: Robert Lyon <email address hidden>

Mahara Bot (dev-mahara) wrote on 2014-01-14: A patch has been submitted for review

Patch for "1.8_STABLE" branch: https://reviews.mahara.org/2924

Mahara Bot (dev-mahara) wrote on 2014-01-14:

Patch for "1.7_STABLE" branch: https://reviews.mahara.org/2925

Mahara Bot (dev-mahara) wrote on 2014-01-14:

Patch for "1.6_STABLE" branch: https://reviews.mahara.org/2926

Mahara Bot (dev-mahara) wrote on 2014-01-14: A change has been merged

Reviewed: https://reviews.mahara.org/2924
Committed: http://gitorious.org/mahara/mahara/commit/67d9f6066bef9b7f294694820691c769ee9bbaff
Submitter: Aaron Wells (<email address hidden>)
Branch: 1.8_STABLE

commit 67d9f6066bef9b7f294694820691c769ee9bbaff
Author: Robert Lyon <email address hidden>
Date: Tue Jan 14 16:00:09 2014 +1300

Updating HTMLPurifier to version 4.6.0 (Bug #1266976)

Change-Id: I1a6145ca25ecde56c83f2540d04874e973e926f6
Signed-off-by: Robert Lyon <email address hidden>

Mahara Bot (dev-mahara) wrote on 2014-01-14:

Reviewed: https://reviews.mahara.org/2925
Committed: http://gitorious.org/mahara/mahara/commit/130c441ac9a50ad251dd08912e71e27c07781da3
Submitter: Aaron Wells (<email address hidden>)
Branch: 1.7_STABLE

commit 130c441ac9a50ad251dd08912e71e27c07781da3
Author: Robert Lyon <email address hidden>
Date: Tue Jan 14 16:00:09 2014 +1300

Updating HTMLPurifier to version 4.6.0 (Bug #1266976)

Change-Id: I1a6145ca25ecde56c83f2540d04874e973e926f6
Signed-off-by: Robert Lyon <email address hidden>

Mahara Bot (dev-mahara) wrote on 2014-01-14:

Reviewed: https://reviews.mahara.org/2926
Committed: http://gitorious.org/mahara/mahara/commit/9ad29e96607b671b7c4a51fc7e5cef826e130635
Submitter: Aaron Wells (<email address hidden>)
Branch: 1.6_STABLE

commit 9ad29e96607b671b7c4a51fc7e5cef826e130635
Author: Robert Lyon <email address hidden>
Date: Tue Jan 14 16:00:09 2014 +1300

Updating HTMLPurifier to version 4.6.0 (Bug #1266976)

Change-Id: I1a6145ca25ecde56c83f2540d04874e973e926f6
Signed-off-by: Robert Lyon <email address hidden>

Aaron Wells (u-aaronw) on 2014-04-03

no longer affects:

mahara/1.9

Robert Lyon (robertl-9) on 2014-04-22

Changed in mahara:
status:	Fix Committed → Fix Released

Mahara

Update to HTMLPurifier 4.6.0

Bug Description

CVE References

Other bug subscribers