Manage Your TYPO3 Association Membership in My TYPO3
My TYPO3, the central gateway for communication, education, products, services, and interaction within the TYPO3 Community, has a new feature. You can…
Structured Content Initiative—What Happened Between July and November?
The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3 CMS. Read our…
Extension Repository Shows Localization Status
The data is sourced directly from Crowdin which means the TER is providing real-time status of localization efforts. CrowdIn is the cloud-based…
A First Glimpse of TYPO3 v11
While you’re enjoying TYPO3 v10 LTS, released in April 2020, we are working on the next version—TYPO3 v11.
Today we have news regarding our release…
An Open Discussion on the TYPO3 Association Budget Ideas for 2021
Here is a quick overview of the 2021 budget pools: The budget for 2021 is €1,150,000. Please be aware this amount is a forecast and may change in…
TYPO3 10.4.10 and 9.5.23 security releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.10 LTS
- TYPO3 9.5.23 LTS
- TYPO3 8.7.38 ELTS
- TYPO3 7.6.48 ELTS
- TYPO3 6.2.54 ELTS
Both…
TYPO3-PSA-2020-003: Mitigation of Cross-Site Scripting Vulnerabilities in File Upload Handling
- Component Type: TYPO3 CMS
- Subcomponent: File Upload Handling (ext:filelist)
- Release Date: November 17, 2020
- Affected Versions: all …
TYPO3-PSA-2020-002: Protecting Install Tool with Sudo Mode
- Component Type: TYPO3 CMS
- Subcomponent: Install Tool (ext:install)
- Release Date: November 17, 2020
- Affected Versions:…
TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget
- Component Type: TYPO3 CMS
- Subcomponent: Dashboard (ext:dashboard)
- Release Date: November 17, 2020
- Vulnerability Type: XML External…
TYPO3-CORE-SA-2020-011: Cleartext storage of session identifier
- Component Type: TYPO3 CMS
- Subcomponent: Session Storage (ext:core)
- Release Date: November 17, 2020
- Vulnerability Type: Sensitive…
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers
- Component Type: TYPO3 CMS
- Subcomponent: Fluid (ext:fluid)
- Release Date: November 17, 2020
- Vulnerability Type: Cross-Site Scripting …
TYPO3-CORE-SA-2020-009: Cross-Site Scripting through Fluid view helper arguments
- Component Type: TYPO3 CMS
- Subcomponent: Fluid Engine (package typo3fluid/fluid)
- Release Date: November 17, 2020
- Vulnerability…
TYPO3-EXT-SA-2020-020: Denial of Service in extension "Authenticator" (defbu_authenticator)
- Release Date: November 17, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default…
TYPO3-EXT-SA-2020-019: Sensitive Data Exposure in extension "View frontend statistics" (view_statistics)
- Release Date: November 17, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default…
TYPO3-EXT-SA-2020-018: Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)
- Release Date: November 17, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default…
Successful TYPO3 Accessibility Sprint
It was the first sprint organized by the new Accessibility Team, and we were truly overwhelmed by many things, in the best positive way. On the first…
Community Ombudsperson—What Are Your Thoughts?
Take a Minute to Answer Our Questions
The group was put together by the TYPO3 Association Board and consists of these four people:
- Petra Hasenau…
Bringing Rector to TYPO3 for Automated Upgrades
The Times They Are A-Changin’
Changes are everywhere, change is the only constant in life. Especially in our industry. What about the next major…
Server Team Status Report—November 2020
Our last sprint in 2020 took place from November 2nd to 4th. As outlined in our last report, we are in the process of migrating our workload to a…
TYPO3 Sponsors BabesGotBytes in South Africa
A couple of months ago, I had the pleasure of speaking with the women from BabesGotBytes with Olivier Dobberkau. Our conversation took place over the…