Feature #17887
closed
Possibility to avoid displaying the full TYPO3 version in the generated pages code
Added by Claudio Strizzolo almost 17 years ago.
Updated about 6 years ago.
Description
As discussed on the mailing list, for security reasons it might be reasonable
that the administrator can avoid showing the TYPO3 version in use in the generator meta tag:
<meta name="generator" content="TYPO3 4.1 CMS" />
The administrator should be given the possibility to change the above
to something like:
<meta name="generator" content="TYPO3 CMS" />
This would give fewer hints to malicious people in case of buggy TYPO3 releases.
(issue imported from #M6890)
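A check an administrator can run against their own rendered pages, as an added example that is not part of the original issue or of TYPO3's code: it parses page HTML for the generator meta tag and reports whether the value carries no version, a major.minor version, or a patch-level version. The function names and the sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Matches a dotted version such as 4.1 or 4.1.2 inside the content attribute.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b")


class GeneratorTagParser(HTMLParser):
    """Collects the content of every <meta name="generator"> tag."""

    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        # Also reached for self-closing <meta ... /> tags.
        if tag != "meta":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("name", "").strip().lower() == "generator":
            self.generators.append(a.get("content", ""))


def disclosure_level(content):
    """Classify how much version detail a generator string exposes."""
    m = VERSION_RE.search(content)
    if m is None:
        return "product-only"
    return "patch-level" if m.group(3) is not None else "major.minor"


def audit_generator_tags(html):
    """Return (content, level) for each generator meta tag in the page."""
    parser = GeneratorTagParser()
    parser.feed(html)
    parser.close()
    return [(c, disclosure_level(c)) for c in parser.generators]


# Constructed sample pages. The first two tag values are the ones quoted in
# the issue; the patch-level value is a constructed illustration.
SAMPLES = {
    "current": '<html><head><meta name="generator" content="TYPO3 4.1 CMS" /></head></html>',
    "requested": '<html><head><META NAME="Generator" CONTENT="TYPO3 CMS"></head></html>',
    "patch": '<html><head><meta content="TYPO3 4.1.2 CMS" name="generator"></head></html>',
    "absent": "<html><head><title>x</title></head></html>",
}

if __name__ == "__main__":
    for name, page in SAMPLES.items():
        print(name, audit_generator_tags(page))
```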
This is not necessary as:
1. You can detect the version of TYPO3 in other ways (for example by detecting specific folders or files, etc.)
2. What is more important, exploits usually do not try to detect versions. They may apply all known exploits for TYPO3 (for all versions).
I think also that this issue should be fixed.
The version should not be visible on the public website.
I'd love to close it but it seems a valid request. :-<
So, who's in to make a patch?
I will fix it and post the patch in some minutes.
The first patch is wrong; I have patched my changes with a previous version of the code ;)
I also think that this is no real enhancement:
- You could find out the version by looking at the copyright (year) information of the BE-login page
- You could find it out by trying to request a feature that was introduced in a specific version
All in all, the important part of the version to be hidden is the patch-level, and that is already the case. Is there any other reason for hiding this version number? Otherwise I would like to keep it as is.
- michael
I second Michael's opinion. I see no real point in hiding the version number.
If nobody objects I think we should close this request with "won't fix" on next bugday.
Resolved, no change required:
- There is no real point for hiding the major version (you patch minor versions with security updates, do you?)
- No further feedback for quite some time
Please reopen this issue if you still think this is an important step to be fixed in future versions. An opinion by the security team would be interesting here, but imho "security by more obscurity" is always no way to go.
- Status changed from Resolved to Closed