[TYPO3-english] Overview of extensions with security issues?

Marcus Krause marcus#exp2010 at t3sec.info
Sat Nov 6 19:17:27 CET 2010


Marcus Krause schrieb am 11/06/2010 06:56 PM Uhr:
> Hi!
> 
> J. Schaller schrieb am 11/06/2010 06:48 PM Uhr:
>> On Sat, 06 Nov 2010 18:30:02 +0100, Steffen Gebert
>> The reason I come up with this is that I checked via backend for the
>> availabilty of certain extensions which would enhace comments and
>> installed an old version 0.1 of an extension that was flagged as
>> insecure as of 0.2 which I later found out. Of course, that newer
>> extension is not available via the EM, and if I'd known that I
>> wouldn't have bothered with the old version either.
> 
> So you have installed an ext that is insecure in version 0.2 but
> obviously not in v0.1. Sounds odd enough.

Answering myself as Jörg has contacted me:
The extension in question is "commentsbe", the version numbers are 0.0.1
and 0.0.2 and both versions were and are marked as insecure
(TYPO3-SA-2010-018).

This is what I assumed.


Marcus.


More information about the TYPO3-english mailing list