Zum Hauptinhalt springen

Nachrichten

Meet Tomas Norre Mikkelsen, Danish Developer in Germany (Application Podcast S1E2)

Listen to the full interview in the audio player here, watch the interview video below, where you’ll also find a full transcript of our conversation.…

Meet Rachel Foucard TYPO3 Community Lead, France (Application Podcast S1E1)

Meet Rachel Foucard, TYPO3 Community Lead in France, on episode one of Application, the TYPO3 Community Podcast. We talk about building relationships…

Meet Application, the TYPO3 Community Podcast!

Beyond the software, TYPO3 CMS is a large, diverse group of people—a vibrant professional community—from around the world. It is time to spread the…

TYPO3 Version 11.0—Ready for Liftoff

Buckle up and get ready for an exciting journey! Today, we launched TYPO3 version 11.0. This release is the first of five planned sprint releases of…

TYPO3 10.4.12 maintenance release published

The following TYPO3 update has been released:

  • TYPO3 10.4.12 LTS

This version is a maintenance release only, and fixes a minor regression that was…

TYPO3 Guidebook Released to International Audience

The TYPO3 Association announces a comprehensive beginners’ guide for web publishing with TYPO3 CMS. Published by New York City-based publishers…

Watch TYPO3 Guidebook Authors on “Deploy Friday” Podcast

The show begins at 9pm CET, Friday 18 December 2020.

Featuring Guidebook authors Heather McNamee, Felicity Brand, and Jeffrey A. McGuire, the podcast…

TYPO3 10.4.11 and 9.5.24 maintenance releases published

The following TYPO3 updates have been released:

  • TYPO3 10.4.11 LTS
  • TYPO3 9.5.24 LTS

Both versions are maintenance releases only.

Further upgrade…

Sharing the Love with Other Open Source Projects

The Financial Impact of COVID-19 on Open Source Communities

2020 has had its impact on everyone. In the TYPO3 community, we’ve found it challenging…

The TYPO3 Demo Website is Launching

Try Out the Demo Site Now

What’s the Need for a Demo Project?

You know the familiar situation: You’re at an event or having a meeting getting to know…

A New Way to Manage Your Public Extensions in the TYPO3 Extension Repository

The TYPO3 Extension Repository (TER) contains a list of all publicly available TYPO3 extensions, registered or uploaded by TYPO3 users. TYPO3…

Manage Your TYPO3 Association Membership in My TYPO3

My TYPO3, the central gateway for communication, education, products, services, and interaction within the TYPO3 Community, has a new feature. You can…

Structured Content Initiative—What Happened Between July and November?

The Structured Content Initiative is the core Strategic Initiative focused on improving the content editing user experience in TYPO3 CMS. Read our…

Extension Repository Shows Localization Status

The data is sourced directly from Crowdin which means the TER is providing real-time status of localization efforts. CrowdIn is the cloud-based…

A First Glimpse of TYPO3 v11

While you’re enjoying TYPO3 v10 LTS, released in April 2020, we are working on the next version—TYPO3 v11.

Today we have news regarding our release…

An Open Discussion on the TYPO3 Association Budget Ideas for 2021

Here is a quick overview of the 2021 budget pools: The budget for 2021 is €1,150,000. Please be aware this amount is a forecast and may change in…

TYPO3 10.4.10 and 9.5.23 security releases published

The following TYPO3 updates have been released:

  • TYPO3 10.4.10 LTS
  • TYPO3 9.5.23 LTS
  • TYPO3 8.7.38 ELTS
  • TYPO3 7.6.48 ELTS
  • TYPO3 6.2.54 ELTS

Both…

TYPO3-PSA-2020-003: Mitigation of Cross-Site Scripting Vulnerabilities in File Upload Handling

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: File Upload Handling (ext:filelist)
  • Release Date: November 17, 2020
  • Affected Versions: all
TYPO3-PSA-2020-002: Protecting Install Tool with Sudo Mode

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Install Tool (ext:install)
  • Release Date: November 17, 2020
  • Affected Versions:
TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Dashboard (ext:dashboard)
  • Release Date: November 17, 2020
  • Vulnerability Type: XML External…
TYPO3-CORE-SA-2020-011: Cleartext storage of session identifier

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Session Storage (ext:core)
  • Release Date: November 17, 2020
  • Vulnerability Type: Sensitive…
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Fluid (ext:fluid)
  • Release Date: November 17, 2020
  • Vulnerability Type: Cross-Site Scripting
TYPO3-CORE-SA-2020-009: Cross-Site Scripting through Fluid view helper arguments

 

 

 

  • Component Type: TYPO3 CMS
  • Subcomponent: Fluid Engine (package typo3fluid/fluid)
  • Release Date: November 17, 2020
  • Vulnerability…
TYPO3-EXT-SA-2020-020: Denial of Service in extension "Authenticator" (defbu_authenticator)

 

 

 

  • Release Date: November 17, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default…
TYPO3-EXT-SA-2020-019: Sensitive Data Exposure in extension "View frontend statistics" (view_statistics)

 

 

 

  • Release Date: November 17, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default…
TYPO3-EXT-SA-2020-018: Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)

 

 

 

  • Release Date: November 17, 2020
  • Component Type: Third party extension. This extension is not a part of the TYPO3 default…
Successful TYPO3 Accessibility Sprint

It was the first sprint organized by the new Accessibility Team, and we were truly overwhelmed by many things, in the best positive way. On the first…

Community Ombudsperson—What Are Your Thoughts?

Take a Minute to Answer Our Questions

The group was put together by the TYPO3 Association Board and consists of these four people:

  • Petra Hasenau…
Bringing Rector to TYPO3 for Automated Upgrades

The Times They Are A-Changin’

Changes are everywhere, change is the only constant in life. Especially in our industry. What about the next major…

Server Team Status Report—November 2020

Our last sprint in 2020 took place from November 2nd to 4th. As outlined in our last report, we are in the process of migrating our workload to a…