[TYPO3-UG Russia] Fwd: [TYPO3-announce] [Ticket#2012032810000017] Security issues in several third party TYPO3 ectensions including powermail and seo_basics
Michael Shigorin
mike at osdn.org.ua
Wed Mar 28 11:04:30 CEST 2012
----- Forwarded message from TYPO3 Security Team <security at typo3.org> -----
Date: Wed, 28 Mar 2012 10:43:51 +0200
From: TYPO3 Security Team <security at typo3.org>
To: typo3-announce at lists.typo3.org
Subject: [TYPO3-announce] [Ticket#2012032810000017] Security issues in several third party TYPO3 ectensions including powermail and seo_basics
Dear TYPO3 users,
Several vulnerabilities have been found in the following third party TYPO3 extensions:
Basic SEO Features (seo_basics)
powermail (powermail)
WhoisLookup (fe_whois)
Display CSV / Excel files or database tables (cag_tables)
Useful informations in reports module (additional_reports)
General data display (general_data_display)
Realty Manager (realty)
FEUser->BELogin (dkd_feuser_belogin)
TCFacebook Connect (tc_fbconnect)
Easy Login and Register with OpenID (FE) (dix_easylogin)
Ajado Facebook Connect (ajado_facebook)
Facebook Connect to TYPO3 (facebook2t3)
Social Login to TYPO3 (sociallogin2t3)
Event Board (kb_eventboard)
News system (news)
For further information on the issue in the extension "Basic SEO Features"
(seo_basics), please read the related advisory TYPO3-EXT-SA-2012-006 that was
published today:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-006/
For further information on the issue in the extension "powermail" (powermail),
please read the related advisory TYPO3-EXT-SA-2012-004 that was published today:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/
For further information on all CSB (Collective Security Bulletin) issues, please
read the related advisory TYPO3-EXT-SA-2012-005 that was published today:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-005/
In general the TYPO3 Security Team recommends to read the following pages:
The TYPO3 Security Guide:
http://typo3.org/documentation/document-library/extension-manuals/doc_guide_security/current/
Make sure you are subscribed to the TYPO3 Announce List:
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce
See all TYPO3 security advisories for TYPO3 third party extensions:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/
Regards,
Marcus Krause
Member of the TYPO3 Security Team
--
TYPO3 Security Team homepage: http://typo3.org/teams/security/
E-Mail: security at typo3.org
Please note: When replying to this e-mail, please leave the header intact.
_______________________________________________
TYPO3-announce mailing list
TYPO3-announce at lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce
----- End forwarded message -----
--
---- WBR, Michael Shigorin <mike at altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
More information about the TYPO3-russia
mailing list