Zusammenfassung der Ressource
Frage 1
Frage
What is the first step when you discover a security vulnerability in a non-core TYPO3 extension? (1)
Antworten
-
Contact the author of the extension
-
Inform the TYPO3 Security Team under security@typo3.org
-
Inform the TYPO3 Association under association@typo3.org
-
Fix the issue yourself and publish the patch in a Git repository at GitHub
-
Post a message to the Twitter account of the TYPO3 Security Team
Frage 2
Frage
How should a developer stay up-to-date about security issues in the TYPO3 ecosystem? (1)
Antworten
-
By following the Twitter channel “@typo3_security”
-
By checking the TYPO3 website from time to time
-
By subscribing to the Slack channel “#security”
-
By subscribing to the mailing list “typo3-announce”
-
By checking the TYPO3 review system frequently