Debian Security Advisory
DSA-2574-1 typo3-src -- several vulnerabilities
- Date Reported:
- 15 Nov 2012
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2012-6144, CVE-2012-6145, CVE-2012-6146, CVE-2012-6147.
- More information:
Several vulnerabilities were discovered in TYPO3, a content management system. This update addresses cross-site scripting, SQL injection, and information disclosure vulnerabilities and corresponds to TYPO3-CORE-SA-2012-005.
For the stable distribution (squeeze), this problem has been fixed in version 4.3.9+dfsg1-1+squeeze7.
For the unstable distribution (sid), this problem has been fixed in version 4.5.19+dfsg1-4.
We recommend that you upgrade your typo3-src packages.