系统安全

Typo3第三方扩展安全提醒

包括如下扩展:including cal, direct_mail, an_searchit, kk_downloader, lt_basetag, mchtrips, simple_glossar, tw_productfinder, wfqbe

2009年12月01日 16:00 存在: 14 yrs
分类: 系统安全
作者: TYPO3中国

Security vulnerabilities have been discovered in following third party TYPO3 extensions: "Calendar Base" (cal), "Direct Mail" (direct_mail), "[AN] Search it!" (an_searchit), "Simple download-system with counter and categories" (kk_downloader), "Automatic Base Tags for RealUrl" (lt_basetag), "Trips" (mchtrips), "simple Glossar" (simple_glossar), "TW Productfinder" (tw_productfinder), "DB Integration" (wfqbe)

For further information on the issue in extension "Calendar Base" (cal),
please read the related advisory TYPO3-SA-2009-019 that was published
today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-019/

For further information on the issue in extension "Direct Mail"
(direct_mail), please read the related advisory TYPO3-SA-2009-018 that
was published today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-018/

For further information on all CSB (Collective Security Bulletin) issues ,
please read the related advisory TYPO3-SA-2009-017 that was published
today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/

In general the TYPO3 Security Team recommends to read the following pages:

The TYPO3 Security Cookbook:
http://typo3.org/fileadmin/security-team/typo3_security_cookbook_v-0.5.pdf

Make sure you are subscribed to the TYPO3 Announce List:
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce

See all TYPO3 security advisories:
http://typo3.org/teams/security/security-bulletins/


  打印版本  联系我们  到顶部   
最后更新日期 date