[rt-users] New vulnerability with FCKEditor, is RT effected

[Mike Harris]

I'm unsure what version of FCKEditor is included with RT 3.8.4.  Is
the version of FCKEditor less than 2.6.4.1?

There is a potential advisory out for FCKEditor 2.6.4.1 and less:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265

Thanks




-- 
Mike
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sa...@bestpractical.com


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

[rt-users] Disable WYSIWYG Editor

[Mike Harris]

I found a previous post from lwebb from April or so, asking how to
permanently disable the WYSIWYG editor, and there weren't any
responses to him.

I too, would like to disable users from changing to the WYSIWYG
editor.  I found the RT_SiteConfig.pm option:   Set(
$MessageBoxRichText, 0);   however, that just sets the default option,
and users can still change this option.  Is there a way to
administratively disable it.

Thanks

Mike

-- 
Mike
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sa...@bestpractical.com


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com