[TYPO3] Typo3 version and rtehtmlarea in security bulletin 20061220-1
Santiago Tejero
stejero at unav.es
Wed Jan 24 17:58:39 CET 2007
Hello, Ben. Thanks for your quick answer.
The reason for not upgrade to Typo3 4.0.x is that we have 53 installed
extensions, some of them (about 10) developed under contract by a third
company just for this site, and other with custom modifications for this
site. So an upgrade would not be very straightforward.
My question is if we are secure just updating to 1.2.1 version of
rtehtmlarea on Typo3 3.8.1?
Thanks in advance.
Santiago Tejero
ben van 't ende [netcreators] escribió:
>Santiago Tejero wrote:
>
>
>>Hello,
>>
>>We've a Typo3 3.8.1 installation and we're using rtehtmlarea 1.2.1. On
>>the security bulletin "TYPO3-20061220-1: Remote Command Execution in
>>TYPO3" about the vulnerability of rtehtmlarea 1.2.0 + aspell
>> http://typo3.org/teams/security/security-bulletins/typo3-20061220-1/
>>in the solution page it says on one of the points:
>> "A) Update your TYPO3 core system to the latest version"
>>
>>Does this means that we need to update our Typo 3.8.1 to Typo 4.0.x or
>>we're fine with our upgraded rtehtmlarea 1.2.1 on Typo3 3.8.1?
>>
>>
>
>
>Hi Santiago,
>
>There is a list somewhere! I guess you can find that from the news bulletin. You
>could just as easily upgrade to TYPO3 4.0.4, which will give you additional
>features as well.
>
>Any reason why you do not upgrade TYPO3?
>
>gRTz
>
>ben
>
>
More information about the TYPO3-english
mailing list