TYPO3 News & Events Hub
What’s new & what’s comin’
TYPO3 DEVELOPER DAYS 2014 tickets go on sale.
Supporting Events through Risk Backup
This Week in TYPO3 (Week 7, 2014)
The event season is really kicking of now with the Developer Days, Netherlands announced, TYPO3camp Venlo also Netherlands, CMS Garden at Internetworld, Munich and at CeBIT, Hannover. Some insight into the user group Nuremberg through an interview with organiser Jonas Jabari and a report on the Poznan Code Sprint
Documentation Team, second half-year report 2013
The last news summing up our activities covered the first six months of 2013. Let's then recap what happened in the second semester of last year.
TYPO3-EXT-SA-2014-005: Access Bypass in extensions "Yet Another Gallery" (yag) and "Tools for Extbase development" (pt_extbase)
It has been discovered that the extensions "Yet Another Gallery" (yag) and "Tools for Extbase development" (pt_extbase) are susceptible to Access Bypass
TYPO3-EXT-SA-2014-004: Mass Assignment in extension Direct Mail Subscription (direct_mail_subscription)
It has been discovered that the extension "Direct Mail Subscription" (direct_mail_subscription) is susceptible to Mass Assignment.
TYPO3-EXT-SA-2014-003: Insecure Unserialize in extension News (tt_news)
It has been discovered that the extension "News" (tt_news) is susceptible to Insecure Unserialize.
TYPO3-EXT-SA-2014-002: Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: alpha_sitemap, femanager ke_stats, outstats, px_phpids, smarty, wec_map
TYPO3-EXT-SA-2014-001: Several vulnerabilities in extension mm_forum (mm_forum)
It has been discovered that the extension "mm_forum" (mm_forum) is vulnerable to Arbitrary Code Execution, Cross-Site Scripting and Cross-Site Request Forgery
Mentors and ideas for Google Summer of Code 2014
Google has announced Google Summer of Code 2014. Of course the TYPO3 project is applying again this year, possibly making it the fifth time we participate.