Package typo3_src: Information
Source package: typo3_src
Version: 4.2.17-alt0.M40.1
Build time: Dec 28, 2010, 05:56 PM
Category: Networking/Other
Report package bugHome page: http://www.typo3.org
License: GPL
Summary: A free, feature rich, Content Management Framework/System
Description:
TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendability while featuring an accomplished set of ready-made interfaces, functions and modules. To find out more, see http://www.typo3.org | http://www.typo3.ru. You should install MySQL-server package or care of DBAL setup yourself. It's also highly recommended to install some sort of PHP accelerator, like php-mmcache, php5-eaccelerator or php5-xcache.
Maintainer: Michael Shigorin
Last changed
Dec. 28, 2010 Michael Shigorin 4.2.17-alt0.M40.1
- 4.2.17: regression fixes, see http://wiki.typo3.org/wiki/TYPO3_4.2.17
Dec. 19, 2010 Michael Shigorin 4.2.16-alt0.M40.1
- 4.2.16: major security fixes, see http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ + arbitrary code execution due to insufficient input validation in PHP file inclusion protection API + a few more less severe problems, see the link above
Oct. 6, 2010 Michael Shigorin 4.2.15-alt0.M40.1
- 4.2.15: critical security fixes, see http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/ + remote file disclosure (no auth required) + several XSS in backend (valid backend login required) + remote file disclosure in EM (valid backend admin login required) + privilege escalation possible for backend user having permission to create other backend users due to improper user input validation + DoS with php crash in t3lib_div::validEmail() + XSS protection incomplete in RemoveXSS()