[TYPO3-announce] Critical vulnerability in legacy TYPO3 CMS 6.2
Oliver Hader
oliver.hader at typo3.org
Tue Jul 28 11:42:24 CEST 2020
Dear TYPO3 world,
We've just published a public service announcement (PSA) addressing a critical security vulnerability in legacy TYPO3 CMS 6.2.
For details about the vulnerability and further instructions, please visit the following website:
https://typo3.org/security/advisory/typo3-psa-2020-001
A patch file addressing the vulnerability can be fetched from:
https://typo3.azureedge.net/typo3patches/typo3-psa-2020-001-6-2.patch (patch)
https://typo3.azureedge.net/typo3patches/typo3-psa-2020-001-6-2.patch.sig (GPG signature)
SHA256 checksums:
248ee155056037f142a4d3d718d52e99b074c503508ec1a2d4b06839b8b6fba9 typo3-psa-2020-001-6-2.patch
Further details on the signing and hashing process of TYPO3 releases:
https://docs.typo3.org/m/typo3/guide-installation/master/en-us/ReleaseIntegrity/
Best regards
Oliver
--
Oliver Hader
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.typo3.org/pipermail/typo3-announce/attachments/20200728/4b1b79cc/attachment.pgp>
More information about the TYPO3-announce
mailing list