Month: March 2016

TYPO3 User eXperience Week 2016 – Sponsors wanted

Five usability teams, one Core Team, one week in the middle of nowhere – this is a basis for very successfull enhancements for TYPO3. The former TYPO3 User eXperience weeks (short: T3UXW) proofed that already several times. In a couple of weeks the next TYPO3 User eXperience Week takes place in in Festenburg in the upper Harz. The date is from April 9. to 16.  There is still the urgent need for sponsors, who enable the participants these intense working days. The sponsorship covers cost for food, hotel and travelling. The working hours are sponsored by the participants themselves or...

Read More

EXT:phpMyAdmin – Alternatives for TYPO3

Last week again a security update for the TYPO3 extension „phpMyAdmin“ hit the public. This is one of the extensions, which are mostly updated due to security reasons. There are several secure alternatives, which I will show you in this article. First of all, I want to thank the author, Andreas Beutel, of the TYPO3 extension „phpMyAdmin“ for his continuos work on this extension, in order to keep it save. It is (probably)  a really annoying  job to keep the extension up to date. In most (all?) cases it is not a problem of the the TYPO3 extension itself,...

Read More

3 + 1 Solutions for Responsive Images on TYPO3 Websites

Building responsive websites is already the standard for new websites and relaunches. But delivering a 4k hires image to a mobile device via a 3G or even Edge connection is a pain (especially for the user). The question is: How to avoid this? And how to make visitors and customers happy? In order to solve this, I found 3 + 1 different approaches. One of them is implemented in the TYPO3 core. Two are standalone solutions which integrate nicely with TYPO3. The fourth solution does the cropping in the frontend and sets an individual viewport. The browser support for responsive...

Read More

“Miles ahead” – TYPO3 V8 Development started

Shortly after branching off the new TYPO3 version 8, I started a written interview with Benni Mack and Mathias Schreiber. Benni is the the team lead of the TYPO3 core team and Mathias is the product owner of TYPO3 CMS. Please read on for the complete interview and see what we can expect from the next year. Marcus: Hi Mathias. Hi Benni. Thank you for your time to speak about the next weeks and months of TYPO3 development. But let me start with another question: I can imagine the last year was quite exhausting. All efforts went in delivering the...

Read More

TYPO3 Extension Security Bulletins 01 – 2016

On March 3rd the TYPO3 security team published six security bulletins regarding extensions. The following extensions were covered: ics_utopia, listfeusers, enter_new_weeaar_googlesitemap, festat, kickstarter, solr. For details, read on … Information Disclosure in extension “UTOPIA” (ics_utopia) This extension will not be updated and will receive no security update. Please remove the extension from your installation and all associated files from fileadmin. Extensionkey: ics_utopia Severity: medium Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-001/ Cross-Site Scripting in extension “List frontend users” (listfeusers) An updated version is available via TER. Please update the extension as soon as possible. Extensionkey: listfeusers Severity: low Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-002/ Cross-Site Scripting in extension “Google Sitemap” (enter_new_weeaar_googlesitemap) This extension will not be updated and will receive no security update. Please remove the extension from your installation. Extensionkey: enter_new_weeaar_googlesitemap Severity: medium Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-003/ Multiple vulnerabilities in extension “Fe user statistic” (festat) Old versions of extension contains multiple vulnerabilities. This leads to a severity rating of “high”. Please update as soon as possible to the current version of the TER. Extensionkey: festat Severity: High Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-004/ Cross-Site Scripting in extension “Extension Kickstarter” (kickstarter) In order to exploit this vulnerability a backend user with admin rights must be logged in. Please update to the latest TER version. Extensionkey: kickstarter Severity: low Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-005/ Cross-Site Scripting in extension “Apache Solr for TYPO3” (solr) A cross site scripting vulnerability was discovered in the extension “solr”. Please update to the last available version on TER. Extensionkey: solr Severity: low Link: https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-006/ Thanks...

Read More

Patrons Platinum Level

Amazon – Affiliate

If you like this blog and want to support me, you can use the following Amazon Logo to order products there. For each ordered product, I will receive a small commission. There will be no additional costs for you,


Become a Patron