Marcus Krause

  • Registered on: 2008-04-27
  • Last connection: 2015-05-05

Issues

Projects

Activity

2014-12-18

14:02 TYPO3 Core Feature #21779: Integrate OWASP ESAPI for PHP
FYI: ESAPI for PHP is dead.
Nonetheless, the idea to have something like this is good.
13:57 TYPO3 Core Feature #28230: Add support for PBKDF2 to hashing
I started with this feature in March 2013 - see https://twitter.com/t3sec/status/313413250693881858
Let's see if I c...

2013-12-01

13:57 TYPO3 Core Bug #48692 (New): Properly escape data in PermissionAjaxController

2013-11-30

19:51 TYPO3 Core Bug #48692 (Accepted): Properly escape data in PermissionAjaxController
to be tested
17:30 TYPO3 Core Task #54106 (Resolved): Remove non-evaluated parameter from _GP function calls
Applied in changeset commit:575f0ba441a74fa46df790aacf089d95ed76f7b5.
17:06 TYPO3 Core Task #54106 (Resolved): Remove non-evaluated parameter from _GP function calls
Long time ago, _GP() function had a second function argument (regarding stripslashes). Calls with this argument are s...

2013-11-28

19:12 TYPO3 Core Bug #33277: sqlI in extension manager
according to
http://buzz.typo3.org/teams/security/article/incident-handling-of-typo3-core-issues/
this should be ha...
18:45 TYPO3 Core Bug #24733: Label with comma in required form fields causes problems in popup
no longer a security issue - only bug
16:37 TCA Reference Bug #16686: tca readonly columns are writeable with tce_main
Has no Security impact.
Maybe needs clarified documentation that this property is only about appearance in the for...

2013-09-22

14:14 TYPO3 Core Feature #52170: Add brute force protection to TYPO3 backend
Hey Torben,
thank you for your patch. Following, I refer to your patchset 2.
I consider it a good idea to tak...

Also available in: Atom