Posts from 2014-02-20

Security Team will publish Public Service Announcement (PSA)

 

   Public Service Announcements will include valuable security related information regarding TYPO3 products or the typo3.org infrastructure.

   Topics of these advisories will include security issues  in third party software like e.g. Apache, Nginx, MySQL or PHP that are related to TYPO3 products, possible security related misconfigurations in third party software, possible misconfigurations in TYPO3 products, security related information about our server infrastructure and important advices how to securely use TYPO3 products.

FocusPoint is the Smarter Image Cropping for SilverStripe

     Image cropping in SilverStripe is pretty minimalistic. You don't crop images at all inside the CMS, you can however crop images in the SilverStripe template engine.

Cross-Site Request Forgery Protection in TYPO3 CMS 6.2

   In TYPO3 CMS, protection against CSRF has been implemented for many important actions (like creating, editing or deleting records) but is still missing in other places (like Extension Manager, file upload, configuration module). The upcoming 6.2 LTS version will finally close this gap and will protect editors or administrators from these kind of attacks. Since this kind of security improvement cannot be done without potentially breaking third party extensions, this additional security feature will only be part of TYPO3 CMS 6.2 and will not be backported to older versions.Solution: Since user action is always involved in this attack technique the risk can be mitigated greatly by not using the default web browser to log into a TYPO3 Backend and always log out once the work is finished.

Squarespace goes to the Superbowl!

 Squarespace are the winners of Critics' Choice Award for Best Website Builder. They have hit the big time and are now heading to the Superbowl.

We announce Squarespace Logo!

  Winners of our Critics' Choice CMS Award for Best Website Builder, Squarespace have announced a new free tool for the easy creation of quick and simple logos, Squarespace Logo!

Read more...

 

You can download now MODX Revolution 2.2.11 !

 MODX Revolution has released the latest version MODX Revolution 2.2.11 includes a number of security fixes and aims to prevent change loss for those running the popular open source CMS.