Warning: count(): Parameter must be an array or an object that implements Countable in /www/htdocs/w0073c6c/raumbasis.com-subdomains/contao4/vendor/lexik/maintenance-bundle/Listener/MaintenanceListener.php on line 180
RSS Reader - Marco Rehberg
xx

Contao news

Contao Open Source CMS news feed

Security vulnerability CVE-2019-10643

Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7. The security vulnerability has the identifier CVE-2019-10643.

Security vulnerability CVE-2019-10642

Security researcher Ali Razzaq has discovered that the request token check can be bypassed in Contao 4.7. The security vulnerability has the identifier CVE-2019-10642.

Security vulnerability CVE-2019-10641

Security researcher Ali Razzaq has discovered that existing sessions are not correctly invalidated when a user changes their password in the back end or front end. The security vulnerability has the identifier CVE-2019-10641.

Security update on April 9th, 2019

On April 9th, 2019, we will release updates for Contao 3.5, 4.4 and 4.7, which fix several security vulnerabilities.

Recap of the first Contao Core Developers Meeting 2019

Every year, the Contao Core development team meets twice for a short code sprint of three days.

Contao 4.7.0 is available

Contao version 4.7.0 is available. The release contains new features such as native fonts in the back end, drag and drop in the template editor, an opt-in service, an improved front end preview bar, additional SEO settings for news and events and a lot more.

Security vulnerability CVE-2018-20028

CVE-2018-20028 identifies a security vulnerability in Contao, which allows logged in back end users to view records that have not been enabled for them.

Contao Manager 1.1.0 is available

Contao Manager version 1.1.0 is available. The release contains a new System Recovery feature, advanced installation options and improved package search results.

Security vulnerability CVE-2018-17057

CVE-2018-17057 identifies a security vulnerability in TCPDF, which also affects Contao.

Contao 3.5.36 is available

Contao version 3.5.36 is available. The bugfix release fixes a code execution vulnerability when generating PDFs (CVE-2018-17057).