http://buzz.typo3.org/ buzz.typo3.org: The TYPO3 buzz resource ;-) http://buzz.typo3.org/ http://buzz.typo3.org/fileadmin/news.typo3.org/xmlicon.gif http://buzz.typo3.org/teams/security/article/preannouncements-no-general-use-for-typo3-advisories/ The TYPO3 Security Team has decided to not use preannouncements in general. This is an explanation why we stick to the current procedure. http://buzz.typo3.org/teams/security/article/security-team-annual-leadership-vote-helmut-hummel-confirmed-andreas-foerthner-elected/ Today I would like to present the results of the annual voting of the security team leader. Helmut Hummel has been confirmed by the team members and has accepted his election for the year 2010.... http://buzz.typo3.org/teams/security/article/security-team-change-in-team-leadership/ The TYPO3 security team has elected a new team leader: Helmut Hummel is taking over from Lars Houmark. http://buzz.typo3.org/teams/security/article/secured-version-of-a21glossary-available-in-ter/ After having published bulletin TYPO3-SA-2009-003, the TYPO3 Security Team has been contacted by the extension owner who provided a security fix for that issue. http://buzz.typo3.org/teams/security/article/collective-security-bulletins-csb-the-reason-for/ The TYPO3 Security Team has started a new procedure for publishing bulletins on security issues in some extensions. This procedure only covers TYPO3 third party software. http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/ Within Security Bulletin TYPO3-20080611-1, the Security Team has informed the public about the dangers of a wrong value of fileDenyPattern in combination with the Apache module mod_mime. This topic... http://buzz.typo3.org/teams/security/article/massive-web-server-hacks-iframe-attacks-now-extended-to-typo3/ Lately, numerous reports have been discussing a new scheme of attacks that affect all kinds of web servers. This wave has now reached TYPO3 (and other CMS systems). http://buzz.typo3.org/teams/security/article/welcome/ Dear reader,Welcome to the opening post of the TYPO3 Security Team on the buzz.Until now the security team has worked in a very close forum. That will continue, but we have started this blog to give...