[Typo3] SQL Injection - READ THIS PLEASE.
Steffen Müller
steffen at mail.kommwiss.fu-berlin.de
Sat Mar 5 17:17:53 CET 2005
Hi.
On 03/04/2005 03:24 PM Michael Stucki wrote:
> Stefan Neufeind wrote:
>
>
>>For reference - it was also announced here:
>>http://secunia.com/advisories/14465/
>
>
> Plus many other places. Argh, I hate this! Again:
> This is a 3rd party extension!!
>
See my second posting about that: It's evident if the core or an
extension is affected. What would the TYPO3 core be without its
extensions? Both make TYPO3 rock, so the community has to care about both.
Nevertheless, the posting on bugtraq had impact. Four hours after its
publication, it was announced on typo3-english and shortly we began to
discuss this issue on the security list. A solution (patch) has been
published on the bugtracker 17 hours after, a new extension was
available 19 hours after the bugtraq posting.
Not too bad, isn't it?
--
cheers,
Steffen
More information about the TYPO3-english
mailing list