Categories
Security & Updates

Typo3 6.2.3 Update Released

“Typo3 6.2.3 this is a security and bugfix release.”

Typo3 6.2.3 logo - Miami Hoster Internet Solutions, domain registration, web hosting, design, development and security services

TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets.

It offers full flexibility and extendability while featuring an accomplished set of ready-made interfaces, functions and modules.

 

Changes Details

  • [SECURITY] Add trusted HTTP_HOST configuration (Helmut Hummel)
  • [SECURITY] XSS in (old) extension manager information function (Nicole Cordes)
  • [SECURITY] XSS in new content element wizard (Marcus Krause)
  • [SECURITY] XSS in template tools on root page (Marc Bastian Heinrichs)
  • [SECURITY] XSS in Backend Layout Wizard (Helmut Hummel)
  • [SECURITY] Encode URL for use in JavaScript (Jigal van Hemert)
  • [SECURITY] Session timeout can be circumvented once (Markus Klein)
  • [SECURITY] Remove charts.swf to get rid of XSS vulnerability (Helmut Hummel)
  • [BUGFIX] RTE Remove Format removes too much (Stanislas Rolland)
  • [BUGFIX] indexed_search plugin cannot be translated (Robert Vock)
  • [BUGFIX] Missing check if $row[t3ver_state] is set in IconUtility (Frans Saris)
  • [TASK] Cleanup DataHandler functional tests (Oliver Hader)
  • [TASK] Extend DataHandler IRRE functional tests (Oliver Hader)
  • [TASK] Unify DataHandler test structure (Oliver Hader)
  • [BUGFIX] Wrong system requirements link (Markus Klein)
  • [BUGFIX] Wrong path reference for installToolPassword option (Markus Klein)
  • [BUGFIX] Restore registers before early returns (Jo Hasenau)
  • [BUGFIX] Don’t rely on not found database records impexp (Marc Bastian Heinrichs)
  • [BUGFIX] MM relations are not correctly resolved in Backend view (Oliver Hader)
  • [BUGFIX] Invalid module token in openid wizard (Markus Klein)
  • [BUGFIX] Sprite icons not shown (Frans Saris)
  • [BUGFIX] Category tab not shown for file when filemetadata installed (Frans Saris)
  • [BUGFIX] Remove failing extension installations (Nicole Cordes)
  • [BUGFIX] DataProviderContext uses wrong member field in setter (Tim Schreiner)
  • [TASK] Update to phpunit 4.1 (Christian Kuhn)
  • [SECURITY] Extbase must not cache dynamic parts of queries (Markus Klein)
  • [BUGFIX] Check if storage exists before accessing it (Christian Weiske)
  • [BUGFIX] Use file name in delete confirmation message (Christian Weiske)
  • [BUGFIX] LocalizationUtility methods should be static (Christian Kuhn)
  • [TASK] Add PHP 5.6 as travis-ci environment (Christian Kuhn)
  • [TASK] Set TYPO3 version to 6.2.3-dev (TYPO3 Release Team)

[otw_is sidebar=otw-sidebar-8]

More Information

[otw_is sidebar=otw-sidebar-7]