TYPO3 version and release management

Last modified:

IMPORTANT! Current security release (9/13/2022)

The TYPO3 Association has published new security releases for all four major versions (8,9,10,11).

The updates fix several vulnerabilities:

Denial of Service (DoS)

Allows targeted and frequent web page requests to cripple the web server. For example, a gap in cache behavior can cause the web server's cache memory to grow larger and larger, eventually causing the server's disk space to overflow. 

Information Disclosure

Such a security gap exists when it is possible for unauthorized persons to obtain protected data. This can be personal data in the sense of the DSGVO or technical data (TYPO3, database, PHP versions or accesses, etc.), which can then be used to attack the system. 

Cross Site Scripting

In the case of such a security vulnerability, attackers manage to infiltrate malicious code (Javascript, iframe redirects, etc.) via the frontend into the database, which is then delivered unfiltered to other website visitors. Classically, this happens via forms in "user generated content" applications such as forums.

Recommendation for action

The severity - i.e. the level of risk - is classified as medium.

We recommend a timely security update.

Version syntax

One of the most important measures for operating a secure TYPO3 installation is to use a secure TYPO3 version. The TYPO3 Association has developed a binding release policy, which we briefly present below.

TYPO3 Release
A TYPO3 release always consists of three numbers separated by a dot:

<Main version>.<Minor version>.<Patch> (ex. 11.5.12)

Long Term Support(LTS)
For each main version there is always a Long Term Support(LTS) version. It has the highest minor version. In the case of TYPO3 v11 it is 11.5. So there will never be a version 11.6. The lower minor versions(11.0. - 11.5.) are called sprint releases and are not suitable for productive use. LTS versions are provided 1.5 years with maintenance and security updates, which is noticeable in the third place (11.5.0 - 11.5.xx). Another 1.5 years with security updates only.

Extended Long Term Support(ELTS)
The Extended Long Term Support(ELTS) is a paid support offered by the TYPO3 GmbH for TYPO3 versions, which fall out of the LTS (after 3 years). Usually one ELTS is offered for two main versions. So if both versions v11 and v10 are in the LTS, ELTS is offered for v9 and v8. Security updates continue to be delivered as part of this service.

TYPO3 roadmap

The TYPO3 Association regularly updates their TYPO3 development work using a raodmap at:


This roadmap shows which TYPO3 versions are still in LTS or ELTS status and for how long.

Where can I find my exact TYPO3 version?

The release of your TYPO3 installation is displayed in the top left corner of the backend:


Current TYPO3 releases

For security reasons you should always have the latest security patch of your TYPO3 main version installed.

These are currently:

  • TYPO3 11.5.17 LTS (free LTS until 2024-10-31), last security update: 11.5.16, no breaking changes so far
  • TYPO3 10.4.32 LTS (free LTS until 2023-04-30), last security update: 10.4.32, no breaking changes so far
  • TYPO3 9.5.37 ELTS (ELTS with costs until 2024-10-31)
  • TYPO3 8.7.48 ELTS (ELTS with costs until  2023-03-31)

More release information

More can get more information about each release, like

  • the release numer (e.g. 11.5.0, 11.5.1, 11.5.2, usw.) 
  • the type of release (maintenance/secutity)
  • what the release contains ("release notes")

For version 11 this is possible e.g. here


The respective download is also possible here.

Notes / further links

You can also perform a security update yourself. Follow the instructions in our article about applying TYPO3 security patches.

Make sure that the programming language PHP, under which TYPO3 runs, should also be updated regularly. More information in our article about TYPO3 and PHP versions.

We are happy to support you with updates. You can get more info on our support page.