gitolite3 (3.5.3.1-1) unstable; urgency=medium
* This release removes world+group read permissions from
~gitolite3/repositories, and world+group read+execute permissions from
~gitolite3/repositories/{gitolite-admin,testing}.git. This corrects a
local information leak present in (at least) version 3.5.2-1 (see
CVE-2013-7203). Note that if these repositories have been moved from
their standard locations, the adminstrator will have do their own
adjusting of permissions.
-- David Bremner <bremner@debian.org> Fri, 03 Jan 2014 20:39:32 -0400
Generated by dwww version 1.15 on Mon Sep 1 17:03:41 CEST 2025.