Andrius,
On Friday, March 28, 2025 3:20:06 AM Mountain Standard Time Andrius
Merkys wrote:
> > Alternately, it looks like it should be possible to change the
> > default admin
> > password via the command line before any instance is ever exposed
> > via a manual
> > apache configuration.
> >
> >
Andrius,
I realized that the previous email I sent to this bug did not expressly copy
the submitter, so
you might not have seen it unless you were subscribed to the bug. Please see
the text of
the original email below:
Thank you for submitting this bug report with the associated patch. I a
Andrius,
Thank you for submitting this bug report with the associated patch. I am
sorry it took four years for anyone to respond to it.
In some ways, I find your solution elegant. But I am uncertain how it would
interact with setting up multiple instances. And I am also uncertain that it
is
Package: redmine
Severity: important
Forwarded: https://salsa.debian.org/ruby-team/redmine/-/merge_requests/3
Tags: patch security
Hello,
Upon installing, Redmine is configured with an admin Web account with
well-known password "admin". This is insecure, as anyone with Web access
is able to acces
4 matches
Mail list logo
