Go to: typo3.com Home TYPO3 Association Home typo3.org Home Certification FLOW3 Bugtracker Forge (Development Platform) News Buzz (TYPO3 Blogs) Wiki Mailing lists TYPO3 Snippets

Search:

Security is taken very seriously by the developers of TYPO3. The visible part of that concern is the TYPO3 Security Team, whose team page you are viewing right now.

And it seems they are doing a good job. As TYPO3-user Michael Shigorin told us: "For us, one major reason to choose TYPO3 was the virtually blank bugtraq trail with significant usage numbers." Go ahead, search bugtraq and see for yourself...

TYPO3 core security updates, extension security updates or unmaintained insecure extensions are announced in form of TYPO3 Security Bulletins. We notify the TYPO3 community about the release of new bulletins via different channels:

To get the bulletin notification delivered to your inbox, we strongly recommend to subscribe to the typo3-announce mailing list. Besides that, you may also consider to subscribe to the security news feed at news.typo3.org. The feed is available in different formats (Atom 0.3, RDF, RSS 2.0 and RSS 0.91).

If you have found a security issue in a TYPO3 extension or the TYPO3 core system, please report it to us. If you want to know how we deal with security issues, have a look at this page explaining our policy on such matters.

The TYPO3 Security Team has been founded in 2004. Real-life meetings mainly take place during the TYPO3 Snowboard Tour. If you are interested in contributing, please contact us.