Alexander Pavlov

  • Registered on: 2009-02-11
  • Last connection: 2011-11-11

Activity

Reported issues: 2

2009-05-15

09:03 Redmine Defect #3351: Weak autologin token generation algorithm causes duplicate tokens
Jean-Philippe Lang wrote:
> That's what I did when I said that I never experienced this issue.
Probably you are n...

2009-05-14

10:00 Redmine Defect #3351: Weak autologin token generation algorithm causes duplicate tokens
Also, you could check your DB to ensure you have really never affected by this vulnerability...
09:58 Redmine Defect #3351: Weak autologin token generation algorithm causes duplicate tokens
Small example from our developers...
09:47 Redmine Defect #3351: Weak autologin token generation algorithm causes duplicate tokens
>I never experienced
We suspect it is due to process forking which leads to random sequence seed *inherited* from ...

2009-05-13

11:06 Redmine Defect #3351: Weak autologin token generation algorithm causes duplicate tokens
Also, I suggest to deny login if search by autologin within Token table returned 2 or more records - it allows to pre...
10:56 Redmine Defect #3351 (Closed): Weak autologin token generation algorithm causes duplicate tokens
After switching to mod_passenger we got 7 (seven!) duplicated autologin tokens within 2 weeks. It caused some changes...

2009-03-06

12:11 Redmine Defect #2719: Increase username length limit from 30 to 60
Enderson Maia wrote:
> Added a patch that fixes it on 0.8-stable
Thank you, Enderson!

2009-02-11

15:16 Redmine Defect #2719 (Closed): Increase username length limit from 30 to 60
We use LDAP authorization and our logins consist of firstname.lastname.companyname.
As result, we faced problem wi...

Also available in: Atom