[Typo3] t3-SECURITY???
Olivier Dobberkau
olivier.dobberkau at dkd.de
Tue Feb 8 12:03:59 CET 2005
daniel wrote:
> LOL
> of course it was not me who discovered these exploits :-)
> all i wanna know is:
> has anyone tested these bugs so far?
> even though it's not typo3 itself that's insecure, it is software
> needed by typo3 which one usually does not alreaddy have installed on
> one's
> server.
> a typo3-security list would be great (wouldn`t it?)
hi daniel
security bugs in external software are usually patched by the linux vendors.
if you use other versions of the software, so it's in your responsability to
keep the software patched.
all linux vendors have dedicated lists on the security topic.
typo3 wise there is no security mailing list as such. there have been talks
in kitbühel this year lead by ekki gümbel and robert lemke about security
issues around typo3. please contact them to get the exact insight on this
matter.
in the past typo3 had one security issue, that was fixed within hours.
please search the well known security sources for typo3.
nevertheless security is a big issue in our typo3 community. please contact
kasper or robert if you have found security problems in typo3 code.
please do not start a security histeria discussion without any reason.
greetings.
olivier
More information about the TYPO3-english
mailing list