Release highlights
In light of a recently identified vulnerability in the protobufjs
package (CVE-2023-36665), we've rolled out an update to CKEditor 5 packages. This vulnerability is pertinent to real-time collaboration services.
Please note, our investigation has shown that our setup does not incorporate the affected protobufjs
code. However, to ensure a smooth and secure installation and update experience, we've updated our dependencies.
While the specific vulnerability doesn't impact our use-case, we still encourage an update to the latest CKEditor 5 version as a general security practice.
Released packages
Check out the Versioning policy guide for more information.
Other releases:
Released packages (summary)