[geeklog-hg] geeklog: Update FCKeditor to version 2.6.9

Sat Feb 23 13:05:15 EST 2013

changeset 8969:009cb53da354
url:  http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/009cb53da354
user: Dirk Haun <dirk at haun-online.de>
date: Sat Feb 23 19:03:41 2013 +0100
description:
Update FCKeditor to version 2.6.9

diffstat:

 public_html/fckeditor/_whatsnew.html                                                              |   22 +-
 public_html/fckeditor/_whatsnew_history.html                                                      |   38 +
 public_html/fckeditor/editor/_source/fckeditorapi.js                                              |    4 +-
 public_html/fckeditor/editor/css/fck_editorarea.css                                               |  226 +-
 public_html/fckeditor/editor/dialog/fck_about.html                                                |    4 +-
 public_html/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.cfm |    2 +-
 public_html/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php |    2 +-
 public_html/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl  |  374 ++-
 public_html/fckeditor/editor/filemanager/connectors/php/connector.php                             |    2 +-
 public_html/fckeditor/editor/filemanager/connectors/php/io.php                                    |    8 +-
 public_html/fckeditor/editor/filemanager/connectors/php/upload.php                                |    2 +-
 public_html/fckeditor/editor/js/fckeditorcode_gecko.js                                            |    2 +-
 public_html/fckeditor/editor/js/fckeditorcode_ie.js                                               |    2 +-
 public_html/fckeditor/editor/skins/default/fck_editor.css                                         |  941 ++++-----
 public_html/fckeditor/fckconfig.js                                                                |    2 +-
 public_html/fckeditor/fckeditor.js                                                                |   20 +-
 public_html/fckeditor/fckeditor_php4.php                                                          |    3 +
 public_html/fckeditor/fckeditor_php5.php                                                          |    3 +
 18 files changed, 844 insertions(+), 813 deletions(-)

diffs (truncated from 1852 to 300 lines):

diff -r fbd6fae26187 -r 009cb53da354 public_html/fckeditor/_whatsnew.html

--- a/public_html/fckeditor/_whatsnew.html	Sat Feb 23 21:12:09 2013 +0900
+++ b/public_html/fckeditor/_whatsnew.html	Sat Feb 23 19:03:41 2013 +0100
@@ -33,28 +33,16 @@
 	<h1>
 		FCKeditor ChangeLog - What's New?</h1>
 	<h3>
-		Version 2.6.6</h3>
-	<p>
-		New Features and Improvements:</p>
-	<ul>
-		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/5104">#5104</a>] Fixed
-			compatibility with Gecko browsers released in 2010 in the ColdFusion server side integration files.</li>
-		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4765">#4765</a>] Fixed
-			a potential function name clash in the built-in file browser with future versions of ColdFusion.</li>
-	</ul>
+		Version 2.6.9</h3>
 	<p>
 		Fixed Bugs:</p>
 	<ul>
-		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4642">#4642</a>] Avoided infinite 
-			loop in IE with invalid HTML.</li>
-		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4487">#4487</a>] The editor was not loading properly in Safari 3.</li>
-		<li>Language file updates for the following languages:
-			<ul>
-				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4465">#4465</a>] Czech </li>
-				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4759">#4759</a>] Swedish </li>
-				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/2939">#2939</a>] Finnish </li>
+		<li><strong>Security release, upgrade is highly recommended </strong>.<ul>
+			<li>(ASP) File Upload Protection Bypass - reported by Soroush Dalili (@irsdl), Mostafa Azizi</li>
+			<li>XSS vulnerability in built-in file manager - reported by Soroush Dalili (<a href="http://SecProject.com">SecProject.com</a>)</li>
 			</ul>
 		</li>
+		<li><a href="http://dev.ckeditor.com/ticket/9716">#9716</a> Fix FCKeditor browser detection to work with Firefox 17 and IE 10</li>
 	</ul>
 	<p>
 		<a href="_whatsnew_history.html">See previous versions history</a></p>
diff -r fbd6fae26187 -r 009cb53da354 public_html/fckeditor/_whatsnew_history.html
--- a/public_html/fckeditor/_whatsnew_history.html	Sat Feb 23 21:12:09 2013 +0900
+++ b/public_html/fckeditor/_whatsnew_history.html	Sat Feb 23 19:03:41 2013 +0100
@@ -33,6 +33,44 @@
 	<h1>
 		FCKeditor ChangeLog - What's New?</h1>
 	<h3>
+		Version 2.6.8</h3>
+	<p>
+		Fixed Bugs:</p>
+	<ul>
+		<li><strong>Security release, upgrade is highly recommended </strong>(fixed XSS issue).</li>
+	</ul>
+	<h3>
+		Version 2.6.7</h3>
+	<p>
+		Fixed Bugs:</p>
+	<ul>
+		<li><strong>Security release, upgrade is highly recommended </strong>(improved protection for IIS6 web server).</li>
+	</ul>
+	<h3>
+		Version 2.6.6</h3>
+	<p>
+		New Features and Improvements:</p>
+	<ul>
+		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/5104">#5104</a>] Fixed
+			compatibility with Gecko browsers released in 2010 in the ColdFusion server side integration files.</li>
+		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4765">#4765</a>] Fixed
+			a potential function name clash in the built-in file browser with future versions of ColdFusion.</li>
+	</ul>
+	<p>
+		Fixed Bugs:</p>
+	<ul>
+		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4642">#4642</a>] Avoided infinite 
+			loop in IE with invalid HTML.</li>
+		<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4487">#4487</a>] The editor was not loading properly in Safari 3.</li>
+		<li>Language file updates for the following languages:
+			<ul>
+				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4465">#4465</a>] Czech </li>
+				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/4759">#4759</a>] Swedish </li>
+				<li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/2939">#2939</a>] Finnish </li>
+			</ul>
+		</li>
+	</ul>
+	<h3>
 		Version 2.6.5</h3>
 	<p>
 		New Features and Improvements:</p>
diff -r fbd6fae26187 -r 009cb53da354 public_html/fckeditor/editor/_source/fckeditorapi.js
--- a/public_html/fckeditor/editor/_source/fckeditorapi.js	Sat Feb 23 21:12:09 2013 +0900
+++ b/public_html/fckeditor/editor/_source/fckeditorapi.js	Sat Feb 23 19:03:41 2013 +0100
@@ -40,8 +40,8 @@
 		// objects that aren't really FCKeditor instances.
 		var sScript =
 			'window.FCKeditorAPI = {' +
-				'Version : "2.6.6",' +
-				'VersionBuild : "25427",' +
+				'Version : "2.6.9",' +
+				'VersionBuild : "25428",' +
 				'Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},' +
 
 				'GetInstance : function( name )' +
diff -r fbd6fae26187 -r 009cb53da354 public_html/fckeditor/editor/css/fck_editorarea.css
--- a/public_html/fckeditor/editor/css/fck_editorarea.css	Sat Feb 23 21:12:09 2013 +0900
+++ b/public_html/fckeditor/editor/css/fck_editorarea.css	Sat Feb 23 19:03:41 2013 +0100
@@ -1,116 +1,110 @@
-/*
- * FCKeditor - The text editor for Internet - http://www.fckeditor.net
- * Copyright (C) 2003-2010 Frederico Caldeira Knabben
- *
- * == BEGIN LICENSE ==
- *
- * Licensed under the terms of any of the following licenses at your
- * choice:
- *
- *  - GNU General Public License Version 2 or later (the "GPL")
- *    http://www.gnu.org/licenses/gpl.html
- *
- *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
- *    http://www.gnu.org/licenses/lgpl.html
- *
- *  - Mozilla Public License Version 1.1 or later (the "MPL")
- *    http://www.mozilla.org/MPL/MPL-1.1.html
- *
- * == END LICENSE ==
- *
- * This is the default CSS file used by the editor area. It defines the
- * initial font of the editor and background color.
- *
- * A user can configure the editor to use another CSS file. Just change
- * the value of the FCKConfig.EditorAreaCSS key in the configuration
- * file.
- */
-
-/**
- * The "body" styles should match your editor web site, mainly regarding
- * background color and font family and size.
- */
-
-body
-{
-	background-color: #ffffff;
-	padding: 5px 5px 5px 5px;
-	margin: 0px;
-}
-
-body, td
-{
-	font-family: Arial, Verdana, sans-serif;
-	font-size: 13px;
-}
- at media screen and (max-device-width: 480px) {
-	body, td
-	{
-		font-size: 16px;
-	}
-}
-
-a[href]
-{
-	color: -moz-hyperlinktext !important;		/* For Firefox... mark as important, otherwise it becomes black */
-	text-decoration: -moz-anchor-decoration;	/* For Firefox 3, otherwise no underline will be used */
-}
-
-/**
- * Just uncomment the following block if you want to avoid spaces between
- * paragraphs. Remember to apply the same style in your output front end page.
- */
-
-/*
-p, ul, li
-{
-	margin-top: 0px;
-	margin-bottom: 0px;
-}
-*/
-
-/**
- * Uncomment the following block, or only selected lines if appropriate,
- * if you have some style items that would break the styles combo box.
- * You can also write other CSS overrides inside the style block below
- * as needed and they will be applied to inside the style combo only.
- */
-
-/*
-.SC_Item *, .SC_ItemSelected *
-{
-	margin: 0px !important;
-	padding: 0px !important;
-	text-indent: 0px !important;
-	clip: auto !important;
-	position: static !important;
-}
-*/
-
-/**
- * The following are some sample styles used in the "Styles" toolbar command.
- * You should instead remove them, and include the styles used by the site
- * you are using the editor in.
- */
-
-.Bold
-{
-	font-weight: bold;
-}
-
-.Title
-{
-	font-weight: bold;
-	font-size: 18px;
-	color: #cc3300;
-}
-
-.Code
-{
-	border: #8b4513 1px solid;
-	padding-right: 5px;
-	padding-left: 5px;
-	color: #000066;
-	font-family: 'Courier New' , Monospace;
-	background-color: #ff9933;
-}
+/*
+ * FCKeditor - The text editor for Internet - http://www.fckeditor.net
+ * Copyright (C) 2003-2010 Frederico Caldeira Knabben
+ *
+ * == BEGIN LICENSE ==
+ *
+ * Licensed under the terms of any of the following licenses at your
+ * choice:
+ *
+ *  - GNU General Public License Version 2 or later (the "GPL")
+ *    http://www.gnu.org/licenses/gpl.html
+ *
+ *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+ *    http://www.gnu.org/licenses/lgpl.html
+ *
+ *  - Mozilla Public License Version 1.1 or later (the "MPL")
+ *    http://www.mozilla.org/MPL/MPL-1.1.html
+ *
+ * == END LICENSE ==
+ *
+ * This is the default CSS file used by the editor area. It defines the
+ * initial font of the editor and background color.
+ *
+ * A user can configure the editor to use another CSS file. Just change
+ * the value of the FCKConfig.EditorAreaCSS key in the configuration
+ * file.
+ */
+
+/**
+ * The "body" styles should match your editor web site, mainly regarding
+ * background color and font family and size.
+ */
+
+body
+{
+	background-color: #ffffff;
+	padding: 5px 5px 5px 5px;
+	margin: 0px;
+}
+
+body, td
+{
+	font-family: Arial, Verdana, sans-serif;
+	font-size: 12px;
+}
+
+a[href]
+{
+	color: -moz-hyperlinktext !important;		/* For Firefox... mark as important, otherwise it becomes black */
+	text-decoration: -moz-anchor-decoration;	/* For Firefox 3, otherwise no underline will be used */
+}
+
+/**
+ * Just uncomment the following block if you want to avoid spaces between
+ * paragraphs. Remember to apply the same style in your output front end page.
+ */
+
+/*
+p, ul, li
+{
+	margin-top: 0px;
+	margin-bottom: 0px;
+}
+*/
+
+/**
+ * Uncomment the following block, or only selected lines if appropriate,
+ * if you have some style items that would break the styles combo box.
+ * You can also write other CSS overrides inside the style block below
+ * as needed and they will be applied to inside the style combo only.
+ */
+
+/*
+.SC_Item *, .SC_ItemSelected *
+{
+	margin: 0px !important;
+	padding: 0px !important;
+	text-indent: 0px !important;
+	clip: auto !important;
+	position: static !important;
+}

