Search:

Type: Posts; User: Contao-Bot

Page 1 of 4 1 2 3 4

Search: Search took 0.01 seconds.

  1. Recap of the first Contao Core Developers Meeting 2020

    Every year, the Contao Core development team meets twice for a short code sprint of three days.



    Read more about 'Recap of the first Contao Core Developers Meeting 2020'...
  2. Contao Two Month Review January and February 2020

    What lasts long, finally gets better.


    Read more about 'Contao Two Month Review January and February 2020'...
  3. Replies
    0
    Views
    61

    Sticky: Contao 4.9.0 (LTS) is available

    Contao version 4.9.0 is available. The release contains new features such as a crawler, a SERP widget, dynamic favicon.ico and robots.txt files, image lazy loading, backup codes and trusted devices...
  4. Contao Two Month Review November and December 2019

    It was an eventful year for Contao in all respects, and we quietly bid it farewell.


    Read more about 'Contao Two Month Review November and December 2019'...
  5. Contao 4.4.46 and 4.8.6 are available

    Contao 4.4.46 and 4.8.6 are available. The releases fix the security vulnerabilities CVE-2019-19745, CVE-2019-19712 and CVE-2019-19714.


    Read more about 'Contao 4.4.46 and 4.8.6 are available'...
  6. Replies
    0
    Views
    120

    Security update on December 17th, 2019

    On December 17th, 2019, we will release security updates for Contao 4.4 and 4.8.


    Read more about 'Security update on December 17th, 2019'...
  7. Contao Two Month Review September and October 2019

    Autumn is here and with it comes the beautiful colors of the leaves in the forest. But, with each new version, Contao gets an even more colorful set of enhancements.


    Read more about 'Contao Two...
  8. Replies
    0
    Views
    88

    Contao Manager 1.2.0 available

    Just in time for the Contao Conference 2019 in Duisburg (Germany), the Contao Manager version 1.2.0 was released. As expected, this version contains many new and interesting features.


    Read more...
  9. Recap of the second Contao Core Developers Meeting 2019

    Every year, the Contao Core development team meets twice for a short code sprint of three days.



    Read more about 'Recap of the second Contao Core Developers Meeting 2019'...
  10. Contao Two Month Review July and August 2019

    There are some exciting prospects ahead - and not just in retrospect.


    Read more about 'Contao Two Month Review July and August 2019'...
  11. Replies
    0
    Views
    130

    Bypassing the request token check

    Date: 2019-04-09
    CVE ID: CVE-2019-10642
    The request token check can be bypassed. The problem affects Contao 4.7 and has been fixed in Contao 4.7.3.


    Read more about 'Bypassing the request...
  12. Replies
    0
    Views
    142

    Invalidating opt-in tokens

    Date: 2019-04-09
    CVE ID: CVE-2019-10643
    Confirming an opt-in token does not invalidate previous opt-in tokens. The problem affects Contao 4.7 and has been fixed in Contao 4.7.3.


    Read more...
  13. Replies
    0
    Views
    151

    SQL injection in the file manager

    Date: 2019-04-30
    CVE ID: CVE-2019-11512
    The search menu of the file manager is vulnerable to SQL injections. The problem affects all Contao versions as of Contao 4.1 and has been fixed in Contao...
  14. Session invalidation upon password changes

    Date: 2019-04-09
    CVE ID: CVE-2019-10641
    User sessions are not invalidated if a user changes their password. The problem affects all Contao versions and has been fixed in Contao 3.5.39, 4.4.37 and...
  15. Viewing unauthorized records in the back end

    Date: 2018-12-13
    CVE ID: CVE-2018-20028
    Logged in back end users can view records which have not been enabled for them. The problem affects all Contao versions and has been fixed in Contao 3.5.37,...
  16. Replies
    0
    Views
    142

    Arbitrary code execution in TCPDF

    Date: 2018-09-18
    CVE ID: CVE-2018-17057
    A vulnerability in TCPDF allows for arbitrary code execution. The problem affects all Contao versions and has been fixed in Contao 3.5.36, 4.4.25 and 4.6.4....
  17. Replies
    0
    Views
    133

    Cross site scripting in the system log

    Date: 2018-04-18
    CVE ID: CVE-2018-10125
    The system log is vulnerable to cross site scripting in the back end. The problem affects all Contao versions and has been fixed in Contao 3.5.34, 4.4.17...
  18. Replies
    1
    Views
    178

    Contao 4.8.0 is available

    Contao version 4.8.0 is available. The release contains new features such as deferred image resizing, 2-factor authentication in the front end, splash screens for YouTube and Vimeo videos, service...
  19. Replies
    0
    Views
    238

    Updates regarding Contao 3 and Slack

    On 31 May 2019 the LTS period of Contao 3.5 expired. In this article I'll summarize what exactly that means. We have also decided to open our Slack workspace to everyone as an alternative to IRC...
  20. Contao Two Month Review May and June 2019

    Over the last week of June, the thermometers were reading high all over Europe. Meteorologists nationwide agreed that the heat could break records.


    Read more about 'Contao Two Month Review May...
  21. Replies
    0
    Views
    161

    Security vulnerability CVE-2019-11512

    David Wind, penetration tester with A1 Digital, has discovered that the SQL injection vulnerability originally published under CVE-2017-16558 can still be exploited in the file manager in Contao 4....
  22. Replies
    0
    Views
    194

    Security update on April 30th, 2019

    On April 30th, 2019, we will release an update for Contao 4.4 and 4.7, which fixes a security vulnerability.


    Read more about 'Security update on April 30th, 2019'...
  23. Replies
    0
    Views
    182

    Security vulnerability CVE-2019-10642

    Security researcher Ali Razzaq has discovered that the request token check can be bypassed in Contao 4.7. The security vulnerability has the identifier CVE-2019-10642.


    Read more about 'Security...
  24. Replies
    0
    Views
    184

    Security vulnerability CVE-2019-10643

    Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7. The security vulnerability has the identifier CVE-2019-10643.
    ...
  25. Replies
    0
    Views
    184

    Security vulnerability CVE-2019-10641

    Security researcher Ali Razzaq has discovered that existing sessions are not correctly invalidated when a user changes their password in the back end or front end. The security vulnerability has the...
  26. Replies
    0
    Views
    157

    Security update on April 9th, 2019

    On April 9th, 2019, we will release updates for Contao 3.5, 4.4 and 4.7, which fix several security vulnerabilities.


    Read more about 'Security update on April 9th, 2019'...
  27. Recap of the first Contao Core Developers Meeting 2019

    Every year, the Contao Core development team meets twice for a short code sprint of three days.



    Read more about 'Recap of the first Contao Core Developers Meeting 2019'...
  28. Replies
    0
    Views
    188

    Contao 4.7.0 is available

    Contao version 4.7.0 is available. The release contains new features such as native fonts in the back end, drag and drop in the template editor, an opt-in service, an improved front end preview bar,...
  29. Replies
    0
    Views
    216

    Security vulnerability CVE-2018-20028

    CVE-2018-20028 identifies a security vulnerability in Contao, which allows logged in back end users to view records that have not been enabled for them.


    Read more about 'Security vulnerability...
  30. Replies
    0
    Views
    199

    Contao Manager 1.1.0 is available

    Contao Manager version 1.1.0 is available. The release contains a new System Recovery feature, advanced installation options and improved package search results.


    Read more about 'Contao Manager...
  31. Replies
    0
    Views
    154

    Security vulnerability CVE-2018-17057

    CVE-2018-17057 identifies a security vulnerability in TCPDF, which also affects Contao.


    Read more about 'Security vulnerability CVE-2018-17057'...
  32. Replies
    0
    Views
    172

    Contao 3.5.36 is available

    Contao version 3.5.36 is available. The bugfix release fixes a code execution vulnerability when generating PDFs (CVE-2018-17057).


    Read more about 'Contao 3.5.36 is available'...
  33. Replies
    0
    Views
    161

    Contao 4.6.0 is available

    Contao version 4.6.0 is available. The release contains new features such as 2-factor authentication in the back end, drag and drop in the file manager, extended video support and automatic cache...
  34. Replies
    0
    Views
    329

    Contao 4.5.10 is available

    Contao version 4.5.10 is available. The bugfix release restores the compatibility with Symfony 3.4.12.


    Read more about 'Contao 4.5.10 is available'...
  35. Replies
    0
    Views
    156

    Contao 4.4.20 is available

    Contao version 4.4.20 is available. The bugfix release restores the compatibility with Symfony 3.4.12.


    Read more about 'Contao 4.4.20 is available'...
  36. Replies
    0
    Views
    181

    Contao 4.5.9 is available

    Contao version 4.5.9 is available. The bugfix release fixes several minor problems and optimizes the RAM usage when generating XML sitemaps.


    Read more about 'Contao 4.5.9 is available'...
  37. Replies
    0
    Views
    135

    Contao 4.4.19 is available

    Contao version 4.4.19 is available. The bugfix release fixes several minor problems and optimizes the RAM usage when generating XML sitemaps.


    Read more about 'Contao 4.4.19 is available'...
  38. Replies
    0
    Views
    169

    Contao 4.5.8 is available

    Contao version 4.5.8 is available. The bugfix release fixes an XSS vulnerability in the system log of the back end (CVE-2018-10125).


    Read more about 'Contao 4.5.8 is available'...
  39. Replies
    0
    Views
    174

    Contao 4.4.18 is available

    Contao version 4.4.18 is available. The bugfix release fixes an XSS vulnerability in the system log of the back end (CVE-2018-10125).


    Read more about 'Contao 4.4.18 is available'...
  40. Replies
    0
    Views
    268

    Contao 3.5.35 is available

    Contao version 3.5.35 is available. The bugfix release fixes an XSS vulnerability in the system log of the back end (CVE-2018-10125).


    Read more about 'Contao 3.5.35 is available'...
  41. Replies
    0
    Views
    160

    Contao 4.5.7 is available

    Contao version 4.5.7 is available. The bugfix release fixes a few minor issues including a problem with validating the request token and a problem with rendering custom layout sections.


    Read...
  42. Replies
    0
    Views
    206

    Contao 4.4.17 is available

    Contao version 4.4.17 is available. The bugfix release fixes a few minor issues including a problem with rendering custom layout sections.


    Read more about 'Contao 4.4.17 is available'...
  43. Replies
    0
    Views
    211

    Contao 4.4.16 is available

    Contao version 4.4.16 is available. The bugfix release fixes a problem with the page picker in TinyMCE.


    Read more about 'Contao 4.4.16 is available'...
  44. Replies
    0
    Views
    170

    Contao 4.5.6 is available

    Contao version 4.5.6 is available. The bugfix release fixes a problem with new installations with InnoDB without large prefixes.


    Read more about 'Contao 4.5.6 is available'...
  45. Replies
    0
    Views
    157

    Contao 4.5.5 is available

    Contao version 4.5.5 is available. The bugfix release fixes problems with using InnoDB without the innodb_large_prefix option.


    Read more about 'Contao 4.5.5 is available'...
  46. Replies
    0
    Views
    163

    Contao 3.5.34 is available

    Contao version 3.5.34 is available. The bugfix release fixes several problems and improves the folder hash calculation.


    Read more about 'Contao 3.5.34 is available'...
  47. Replies
    0
    Views
    140

    Contao 4.4.15 is available

    Contao version 4.4.15 is available. The bugfix release fixes several issues including problems with the HTTP cache and improves the folder hash calculation.


    Read more about 'Contao 4.4.15 is...
  48. Replies
    0
    Views
    278

    Contao 4.5.4 is available

    Contao version 4.5.4 is available. The bugfix release fixes several issues including a problem with rebuilding the search index.


    Read more about 'Contao 4.5.4 is available'...
  49. Replies
    0
    Views
    171

    Contao 4.4.14 is available

    Contao version 4.4.14 is available. The bugfix release fixes several issues including a problem with rebuilding the search index.


    Read more about 'Contao 4.4.14 is available'...
  50. Replies
    0
    Views
    300

    Contao 4.5.3 is available

    Contao version 4.5.3 is available. The bugfix release fixes several minor issues including a problem with accessing the PHP session.


    Read more about 'Contao 4.5.3 is available'...
  51. Replies
    0
    Views
    235

    Contao 4.4.13 is available

    Contao version 4.4.13 is available. The bugfix release fixes issues with PHP 7.2 as well as with MariaDB 10.2.4+ and MySQL 8.


    Read more about 'Contao 4.4.13 is available'...
  52. Replies
    0
    Views
    208

    Contao 3.5.33 is available

    Contao version 3.5.33 is available. The bugfix release restores the PHP 5.4 compatibility and fixes problems with MariaDB 10.2.4+ and MySQL 8.


    Read more about 'Contao 3.5.33 is available'...
  53. Replies
    0
    Views
    236

    Contao 3.5.32 is available

    Contao version 3.5.32 is available. The bugfix release fixes an XSS vulnerability in the newsletter extension (CVE-2018-5478).


    Read more about 'Contao 3.5.32 is available'...
  54. Replies
    0
    Views
    208

    Security update on January 18th, 2018

    On January 18th, 2018, we will release an update for Contao 3.5 which fixes a security vulnerability in one of the standardly distributed extensions.


    Read more about 'Security update on January...
  55. Replies
    0
    Views
    209

    Contao 4.5.2 is available

    Contao version 4.5.2 is available. The bugfix release fixes issues with storing the user session and with handling modified fields of a model.


    Read more about 'Contao 4.5.2 is available'...
  56. Replies
    0
    Views
    219

    Contao 4.4.12 is available

    Contao version 4.4.12 is available. The bugfix release optimizes adding pages to the search index and fixes a few minor issues.


    Read more about 'Contao 4.4.12 is available'...
  57. Replies
    0
    Views
    256

    Contao 4.4.9 is available

    Contao version 4.4.9 is available. The bugfix release fixes several minor PHP 7.2 related issues.


    Read more about 'Contao 4.4.9 is available'...
  58. Replies
    0
    Views
    210

    Contao 4.5.1 is available

    Contao version 4.5.1 is available. The bugfix release fixes issues with the Symfony security implementation.


    Read more about 'Contao 4.5.1 is available'...
  59. Replies
    0
    Views
    244

    Contao 4.5.0 is available

    Contao version 4.5.0 is available.


    Read more about 'Contao 4.5.0 is available'...
  60. Replies
    0
    Views
    194

    Contao 4.4.11 is available

    Contao version 4.4.11 is available. The bugfix release reverts the identifier quoting changes.


    Read more about 'Contao 4.4.11 is available'...
Results 1 to 60 of 213
Page 1 of 4 1 2 3 4