[Typo3] t3-SECURITY???

[daniel]

Olivier Dobberkau wrote:
> daniel wrote:
> 
>>hi all.
>>in the past i found several exploits concerning software used by t3
>>such as awstats, imagemagick and so on. does anyone know how
>>(in)secure t3 is at the moment?
>>i think there are lots of exploits that might be used by an attacker
>>to get into a typo3 site.
> 
> 
> hum.
> you found them?
> as far as i know the bugs in the software used by typo3 have been found by 
> other.
> 
> please contact ekki gümbel or robert lemke from the typo3 security team if 
> you have found bugs in typo3 and not in external software.
> 
> greetings..
> 
> olivier 
> 
> 

LOL
of  course it was not me who discovered these exploits :-)
all i wanna know is:
has anyone tested these bugs so far?
even though it's not typo3 itself that's insecure, it is software needed 
by typo3 which one usually does not alreaddy have installed on one's server.

a typo3-security list would be great (wouldn`t it?)