Bernd May

  • Registered on: 2010-07-22
  • Last connection: 2012-11-02


Reported issues: 1


00:32 Redmine Feature #12296 (New): Add HSTS enforcement support to Redmine
During initial HTTPS session setup an attacker is able to run a MitM SSLStrip attack agains a client connecting to th...


21:06 Redmine Feature #11542: Improve password security and use some standards.
While you might not call it brute forcing, when using a large dictionary it essentially is. Every second thus gained ...


23:34 Redmine Open discussion: Security Audit of Redmine
Hey, I am fairly new to web app deployment but one issue just keeps nagging at me since I began with redmine in our c...

Also available in: Atom