TYPO3 News & Events Hub
What’s New & What’s Coming
Seasons greetings and successful year 2017
Seasons greetings and successful year 2017 Dear TYPO3 Community and Association Members,we would like to thank you for your continued support that you provide with your Membership to the TYPO3 Community. 2016 has been a great year with a lot of...
Read moreSmooth movement to LDAP for Single Sign On
Based on a productive collaboration of the Server Team and the typo3.org Team, we have set up a LDAP service to replace the current Single Sign On (SSO) solution which is integrated into the typo3.org website.
TYPO3 v8.5 released
Christmas came early this year - TYPO3 v8.5 has been released just now, including some very exciting and promising changes. This so-called sprint release is one further step towards TYPO3 8 LTS, scheduled to be published in April 2017.
This Week in TYPO3 (2016, Week 49)
A wide range of companies have been contributing in various ways to the TYPO3 project in the past and are still contributing as is common for open source projects. Our whole infrastructure for instance would never have been possible were it not for...
Explanation of the T3A 2017 budget
Introduction A few months ago we started the process for receiving funds from the TYPO3 Association. The application phase was followed by a discussion and a poll by the members. The results of this poll are meant to give the Expert Advisory Board...
SymfonyCon 2016 Recap
December 2016 began with a cool event in Berlin - SymfonyCon. We want to share our view on the event and most importantly how the PHP ecosystem in general and TYPO3 in particular are affected by this.
Results of the typo3.org Design Contest
On 3rd November, we announced the typo3.org Design Contest to get impressions and ideas from the community for the new typo3.org website. Now we want to present the winners.
Scheduled maintenance of the TYPO3 Git / Gerrit Server
git.typo3.org and review.typo3.org will be under maintenance on Friday, Dec 9th.
TYPO3 CMS 7.6.14 released
The TYPO3 Community announces version 7.6.14 LTS of the TYPO3 Enterprise Content Management System.
Join Us and Contribute!
In the last blog post we described how our infrastructure and setup works and what we wanted to achieve with it. Now you can experience it yourself! We just opened our infrastructure to allow public contributions - for example to the blog extension...
Report on the combined Server Admin and typo3.org Team Sprint in Würzburg (November 2016)
The combined code sprints of the Server Admin Team and the typo3.org team took place at the University of Würzburg over the weekend from November 11-13. In total, 13 participants worked on concepts and code for the (new) typo3.org we
Path Traversal in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to Path Traversal.
Insecure Unserialize in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Insecure Unserialize.
TYPO3 CMS 6.2.29, 7.6.13 and 8.4.1 released
The TYPO3 Community announces the versions 6.2.29 LTS, 7.6.13 LTS and 8.4.1 of the TYPO3 Enterprise Content Management System.
Our Internal Workflow
In this post we want to give you a glimpse of how we are working internally, which tools we use and what the benefits of that workflow are to us.
Unvalidated Redirect in extension "TC Directmail" (tcdirectmail)
It has been discovered that the extension "TC Directmail" (tcdirectmail) is susceptible to Unvalidated Redirect.
SQL Injection in extension "Member Infosheets" (if_membersheet)
It has been discovered that the extension "Member Infosheets" (if_membersheet) is susceptible to SQL Injection.
Cross Site-Scripting in extension "Secure Download Form" (rs_securedownload)
It has been discovered that the extension "Secure Download Form" (rs_securedownload) is susceptible to Cross Site-Scripting.
SQL Injection in extension "Shibboleth Authentication" (shibboleth_auth)
It has been discovered that the extension "Shibboleth Authentication" (shibboleth_auth) is susceptible to SQL Injection.
Insecure Unserialize and SQL Injection in extension "Code Highlighter" (mh_code_highlighter)
It has been discovered that the extension "Code Highlighter" (mh_code_highlighter) is susceptible to Insecure Unserialize and SQL Injection.