Zum Hauptinhalt springen

Mobile Apps

 Maßgeschneidert für Prozesse und Funktionen bieten Apps in der heutigen Zeit eine große Rolle bei der Optimierung. Wir bieten Ihnen einen umfassenden Service bei der Konzeption und Realisierung Anwendungen (Nativ oder als Web App mit Phonegap).

Targeting

Finden Sie Zielgruppen genau Ihre Kunden im Internet? Re-Markteting von Suchergebnissen und Nutzern... Wir unterstützen Sie in Ihrem Marketing Plan!

360° Showrooms

Verbessern Sie Ihre Internet Präsenz auf Google mit einer erstklassigen virtuellen 360°-Tour in Street View! Einfach, schnell und günstig. Die VR Showrooms sind Zukunft der Visualisierung.

Ihre Webseite? schnell und einfach mit tp3

Neue vorkonfigurierte Oberflächen und Inhaltselemente lassen Sie Ihre Webseite auf dem neusten Stand der Technik präsentieren. 

enthaltene Besonderheiten in tp3

  • TYPO3 CMS 10 LTS
  • basierend auf Bootstrap_Packages 
  • Anpassungen Backend Module und Workflows
  • Media Inhalte extrahieren, verwalten und publizieren 
    (Digital Asset Management)
  • Bildbearbeitungsmöglichkeiten (Scale, Crop, Color etc.) für Redateuere
  • Beispiele von Inhaltselementen  wie Boxen, Carousel and Accordion
  • Verknüpfungen zu google+, facebook, twitter,...
  • Mobile App über Phonegap
  • Yoast SEO Tools
  • Pagespeed optimiert
  • NEU! steuerbare Animationseffekte

 

News System

TYPO3-PSA-2021-004: Statement on Recent log4j/log4shell Vulnerabilities (CVE-2021-44228)

 

 

 

  • Component Type: TYPO3 CMS core & TYPO3 extensions (third-party plugins)
  • Release Date: December 16, 2021
  • Type: Advisory
  • References:CVE-2021-44228, CVE-2021-45046

Problem Description

The critical vulnerability that was recently exposed in the log4j Java library is currently going  through the media and some TYPO3 users are unsure whether TYPO3 CMS or TYPO3 extensions are affected by this vulnerability too.

TYPO3 CMS and TYPO3 extensions are PHP based software packages and are therefore not affected by the log4j vulnerability. This includes bundled JavaScript components in TYPO3 CMS and TYPO3 extensions (Java and JavaScript are separate programming languages).

Many TYPO3 websites  rely on external services that could be affected by the vulnerability, but only if those external services are  based on Java. Here  are some common scenarios where additional services are used:

  • TYPO3 website includes a website search, which is based on the external services like Apache Solr or Elasticsearch
  • TYPO3 website uses the external service Apache Tika to extract metadata of uploaded files,
  • TYPO3 log files are processed by the external service Logstash,

In all these scenarios, the external services are Java-based software components that use the log4j library and are most  likely affected by the critical log4j vulnerability. 

Recommendation

The TYPO3 Security Team recommends TYPO3 website and server administrators to check if data generated by TYPO3 is logged or processed by Java-based external services in any way. If so, it is important to establish whether the external services use log4j and if they are affected by the vulnerability. 

This reference may be a helpful resource for TYPO3 website and server administrators on how to detect and mitigate the log4j/log4shell vulnerability.

TYPO3 Infrastructure

Affected components and external services used in the TYPO3 infrastructure have been identified and vendor patches have been applied. Affected components did not include any privacy or account-related data.

General Advice

Follow the recommendations given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list.