blob: bb144491e66830e9768101edba3610cf89eb280c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
|
gitolite3 (3.5.3.1-1) unstable; urgency=medium
* This release removes world+group read permissions from
~gitolite3/repositories, and world+group read+execute permissions from
~gitolite3/repositories/{gitolite-admin,testing}.git. This corrects a
local information leak present in (at least) version 3.5.2-1 (see
CVE-2013-7203). Note that if these repositories have been moved from
their standard locations, the adminstrator will have do their own
adjusting of permissions.
-- David Bremner <bremner@debian.org> Fri, 03 Jan 2014 20:39:32 -0400
|
