Debian Security Advisory
DSA-2834-1 typo3-src -- several vulnerabilities
- Date Reported:
- 01 Jan 2014
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 731999.
In Mitre's CVE dictionary: CVE-2013-7073, CVE-2013-7074, CVE-2013-7075, CVE-2013-7076, CVE-2013-7078, CVE-2013-7079, CVE-2013-7080, CVE-2013-7081.
- More information:
Several vulnerabilities were discovered in TYPO3, a content management system. This update addresses cross-site scripting, information disclosure, mass assignment, open redirection and insecure unserialize vulnerabilities and corresponds to TYPO3-CORE-SA-2013-004.
For the oldstable distribution (squeeze), these problems have been fixed in version 4.3.9+dfsg1-1+squeeze9.
For the stable distribution (wheezy), these problems have been fixed in version 4.5.19+dfsg1-5+wheezy2.
For the testing distribution (jessie), these problems have been fixed in version 4.5.32+dfsg1-1.
For the unstable distribution (sid), these problems have been fixed in version 4.5.32+dfsg1-1.
We recommend that you upgrade your typo3-src packages.