[SECURITY] Prevent RCE via install tool settings
Resolves: #102799 Releases: main, 13.0, 12.4, 11.5 Change-Id: I673b6fbac853b0a977a5e5833a683c6952a55458 Security-Bulletin: TYPO3-CORE-SA-2024-002 Security-References: CVE-2024-22188 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/82946 Tested-by:Oliver Hader <oliver.hader@typo3.org> Reviewed-by:
Showing
- typo3/sysext/core/Classes/Imaging/GraphicalFunctions.php 1 addition, 1 deletiontypo3/sysext/core/Classes/Imaging/GraphicalFunctions.php
- typo3/sysext/core/Classes/Mail/TransportFactory.php 5 additions, 0 deletionstypo3/sysext/core/Classes/Mail/TransportFactory.php
- typo3/sysext/core/Classes/Resource/Processing/LocalCropScaleMaskHelper.php 14 additions, 10 deletions.../Classes/Resource/Processing/LocalCropScaleMaskHelper.php
- typo3/sysext/core/Classes/Utility/CommandUtility.php 8 additions, 4 deletionstypo3/sysext/core/Classes/Utility/CommandUtility.php
- typo3/sysext/core/Configuration/DefaultConfiguration.php 1 addition, 1 deletiontypo3/sysext/core/Configuration/DefaultConfiguration.php
- typo3/sysext/core/Configuration/DefaultConfigurationDescription.yaml 7 additions, 4 deletions...t/core/Configuration/DefaultConfigurationDescription.yaml
- typo3/sysext/core/Documentation/Changelog/11.5.x/Important-102799-TYPO3_CONF_VARSGFXprocessor_stripColorProfileParametersOptionAdded.rst 40 additions, 0 deletions...RSGFXprocessor_stripColorProfileParametersOptionAdded.rst
- typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php 1 addition, 1 deletion.../frontend/Classes/ContentObject/ContentObjectRenderer.php
- typo3/sysext/install/Classes/Configuration/AbstractCustomPreset.php 19 additions, 4 deletions...xt/install/Classes/Configuration/AbstractCustomPreset.php
- typo3/sysext/install/Classes/Configuration/AbstractPreset.php 5 additions, 0 deletions...3/sysext/install/Classes/Configuration/AbstractPreset.php
- typo3/sysext/install/Classes/Configuration/Image/CustomPreset.php 4 additions, 0 deletions...sext/install/Classes/Configuration/Image/CustomPreset.php
- typo3/sysext/install/Classes/Configuration/Mail/CustomPreset.php 4 additions, 0 deletions...ysext/install/Classes/Configuration/Mail/CustomPreset.php
- typo3/sysext/install/Classes/Configuration/PasswordHashing/CustomPreset.php 20 additions, 7 deletions...ll/Classes/Configuration/PasswordHashing/CustomPreset.php
- typo3/sysext/install/Classes/Service/LocalConfigurationValueService.php 31 additions, 1 deletion...nstall/Classes/Service/LocalConfigurationValueService.php
- typo3/sysext/install/Resources/Private/Partials/Settings/LocalConfiguration/SubSection.html 9 additions, 6 deletions...vate/Partials/Settings/LocalConfiguration/SubSection.html
- typo3/sysext/install/Resources/Private/Partials/Settings/Presets/Cache/Custom.html 4 additions, 3 deletions...urces/Private/Partials/Settings/Presets/Cache/Custom.html
- typo3/sysext/install/Resources/Private/Partials/Settings/Presets/Context/Custom.html 4 additions, 3 deletions...ces/Private/Partials/Settings/Presets/Context/Custom.html
- typo3/sysext/install/Resources/Private/Partials/Settings/Presets/Image/Custom.html 4 additions, 3 deletions...urces/Private/Partials/Settings/Presets/Image/Custom.html
- typo3/sysext/install/Resources/Private/Partials/Settings/Presets/Mail/Custom.html 5 additions, 3 deletions...ources/Private/Partials/Settings/Presets/Mail/Custom.html
- typo3/sysext/install/Resources/Private/Partials/Settings/Presets/PasswordHashing/Custom.html 4 additions, 4 deletions...ate/Partials/Settings/Presets/PasswordHashing/Custom.html
Please register or sign in to comment