TYPO3 10.4.4 and 9.5.19 maintenance releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.4 LTS
- TYPO3 9.5.19 LTS
Both versions are maintenance releases only.
Further upgrade…
TYPO3 Book Report—Who’s Writing the TYPO3 Book?
Sign Up to the TYPO3 Guidebook Mailing List
How did you get into technical writing, Felicity?
In my former life I was a business analyst, and I always…
TYPO3 Users, Please Let Us Know Your Feedback!
The TYPO3 Project has started to use G2.com, the tech marketplace, as a prominent place to show the TYPO3 Project to millions of business…
Structured Content Initiative—What happened in April? The survey results!
The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3 CMS. Read our…
TYPO3 10.4.3 and 9.5.18 maintenance releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.3 LTS
- TYPO3 9.5.18 LTS
Both versions are maintenance releases only. They aim to reduce…
Report from the Board QSA—April 2020
Although the Board meets online every two weeks throughout the year, it is necessary with longer physical meetings for in-depth and strategic…
TYPO3-CORE-SA-2020-006: Same-Origin Request Forgery to Backend User Interface
- Component Type: TYPO3 CMS
- Subcomponent: Backend User Interface & Install Tool (ext:backend, ext:backend)
- Release Date: May 12, 2020
- Vulnerability…
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings
- Component Type: TYPO3 CMS
- Subcomponent: Backend User Interface (ext:backend)
- Release Date: May 12, 2020
- Vulnerability Type: Insecure…
TYPO3-EXT-SA-2020-008: Cross-Site Scripting in "SVG Sanitizer" (svg_sanitizer)
- Release Date: May 12, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
- Component: SVG…
TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized
- Component Type: TYPO3 CMS
- Subcomponent: Core (ext:core)
- Release Date: May 12, 2020
- Vulnerability Type: Insecure Deserialization
- Affected…
TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling
- Component Type: TYPO3 CMS
- Subcomponent: Link Handling (ext:frontend)
- Release Date: May 12, 2020
- Vulnerability Type: Information Disclosure
- …
TYPO3-EXT-SA-2020-007: Sensitive Data Exposure in extension "Job Fair" (jobfair)
- Release Date: May 12, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
- Component: Job…
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
- Component Type: TYPO3 CMS
- Subcomponent: Form Engine (ext:backend)
- Release Date: May 12, 2020
- Vulnerability Type: Cross-Site Scripting
- Affected…
TYPO3-EXT-SA-2020-006: Broken Access Control in extension "gForum" (g_forum)
- Release Date: May 12, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
- Component:…
TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset
- Component Type: TYPO3 CMS
- Subcomponent: Password Reset (ext:backend)
- Release Date: May 12, 2020
- Vulnerability Type: Information Disclosure
- …
TYPO3-EXT-SA-2020-005: Multiple vulnerabilities in extension "Direct Mail" (direct_mail)
- Release Date: May 12, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
- Component:…
TYPO3 10.4.2 and 9.5.17 security releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.2 LTS
- TYPO3 9.5.17 LTS
Both versions are security releases and contain important…
TYPO3-EXT-SA-2020-004: SQL Injection in extension "phpMyAdmin" (phpmyadmin)
- Release Date: May 12, 2020
- Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
- Component:…
CMS-Learning Curriculum for Educators and Students
Helping Students Learn About Content Management
Learning has moved online in response to the recent COVID-19 crisis. This increases demand on…
TYPO3 v10 Maintenance Release Schedule
TYPO3 v10 LTS receives a plannable release schedule for upcoming maintenance releases, as we did since TYPO3 v7 already. This makes it transparent for…
TYPO3 10.4.1 and 9.5.16 maintenance releases published
The following TYPO3 updates have been released:
- TYPO3 10.4.1 LTS
- TYPO3 9.5.16 LTS
Both versions are maintenance releases only.
Further upgrade…
TYPO3 v10 LTS Press Release in 12 Languages
Spread the news in your language: Danish, Dutch, English, French, German, Hindi, Italian, Norwegian, Romanian, Spanish, Turkish, and Ukrainian. All…
TYPO3 v10 LTS — Safe and Sound
Today we are thrilled to announce the release of TYPO3 v10.4, also called TYPO3 v10 LTS indicating this is a long-term support version. This version…
This Month in TYPO3 - March 2020 - Issue #15
March was marked by the worldwide spread of the COVID-19 pandemic. Nevertheless the work on TYPO3 v10 LTS continued and some of the planned events…
Structured Content Initiative - What Happened in March?
The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3 CMS. Read our…
Results of the Core development merger applications in 2020
Every year, we're heading for a new round of people responsible for merging code into TYPO3 Core's code basis.
Today, I’m proud to announce…
Vote now for the Board and the BCC of the TYPO3 Association
Every year, half of the staff of the TYPO3 Association Board and Business Control Committee (BCC) are up for reelection. This ensures that operations…
TYPO3 9.5.15 and 8.7.32 maintenance releases published
The versions 9.5.15 and 8.7.32 of the TYPO3 Enterprise Content Management System have just been released.
TYPO3 Accessibility Initiative Needs Your Feedback
We provide information on accessibility and give the opportunity to discuss accessibility topics on a regular basis in our Slack…
Server Team Status Report—March 2020
From March 13–15, 2020, the TYPO3 Server Team organized a combined team sprint for their quarterly real-life meeting at the office of Ops One in…