TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
Codesprint: Waalwijk and Venlo Camp make for a great week in april
Join the code sprint in Waalwijk and share your experience at the TYPO3camp Venlo afterwards.
Mehr erfahrenReport on codesprint Karlsruhe 3.3-6.3.16
Another codesprint took place, preparing for the first release of the v8 series.
Upcoming elections in the TYPO3 Association 2016
Official positions in the TYPO3 Association have a tenure of office of 2 years. Each year half of the positions are newly elected. In 2016 the following positions are up for election:
TYPO3-EXT-SA-2016-008: SQL Injection in extension "Another simple gallery" (chgallery)
It has been discovered that the extension "Another simple gallery" (chgallery) is susceptible to SQL Injection.
TYPO3-EXT-SA-2016-007: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension "phpMyAdmin" (phpmyadmin) is susceptible to unsafe comparison of XSRF/CSRF token, multiple full path disclosure vulnerabilities, multiple XSS vulnerabilities, insecure password generation in JavaScript.
Entering the final stage of the TYPO3 Inc. preparation - we need you!
The TYPO3 Inc. preparation group is coming to the final stage of its work. During the past months we held countless meetings and discussion in order to find out what would be a viable way to start up the TYPO3 Inc.
Discontinuation of the Subversion Service at svn.typo3.org
Five years after the move of TYPO3 CMS to Git, the Subversion server svn.typo3.org will be shut down on May 1st, 2016.
Kicking off TYPO3 v8 Development
The TYPO3 core team is officially starting the next development cycle. Sprint releases every 8-10 weeks along the way until TYPO3 8 LTS (Long Term Support) in April 2017 will ensure that new projects can possibly be set up with v8 already. A smooth upgrade path between the sprint releases will be provided.
TYPO3-EXT-SA-2016-006: Cross-Site Scripting in extension "Apache Solr for TYPO3" (solr)
It has been discovered that the extension "Apache Solr for TYPO3" (solr) is susceptible to Cross-Site Scripting.
TYPO3-EXT-SA-2016-005: Cross-Site Scripting in extension "Extension Kickstarter" (kickstarter)
It has been discovered that the extension "Extension Kickstarter" (kickstarter) is susceptible to Cross-Site Scripting.