[TYPO3-english] Overview of extensions with security issues?

J. Schaller jorgosch at terra.es
Sat Nov 6 18:48:33 CET 2010


On Sat, 06 Nov 2010 18:30:02 +0100, Steffen Gebert
<steffen at steffen-gebert.de> wrote:

>I don't know such a list, but you can filter the DB table 
>cache_extensions for extensions having reviewstate=-1

Thank you, Steffen. So maybe this could serve as a suggestion to
create a Wikipage for easy identification of unsecure extensions. 

The reason I come up with this is that I checked via backend for the
availabilty of certain extensions which would enhace comments and
installed an old version 0.1 of an extension that was flagged as
insecure as of 0.2 which I later found out. Of course, that newer
extension is not available via the EM, and if I'd known that I
wouldn't have bothered with the old version either.

Concluding, a reference page would be nice.


More information about the TYPO3-english mailing list