FEDORA-EPEL-2011-0365 — security update for gitolite — Fedora Updates System

stable

gitolite-1.5.7-2.1.el6

FEDORA-EPEL-2011-0365 created by lkundrak 14 years ago for Fedora EPEL 6

Dylan Alex Simon discovered and reported a directory traversal flaw in the way Gitolite restricted access to admin defined commands ("ADC"). An authenticated attacker could execute arbitrary code with privileges of Gitolite server user using specially crafted command name.

The flaw does not affect default Gitolite installations. Users who have enabled ADC in their configurations are advised to install the updated package which includes a fix to resolve the issue.

This update has been submitted for testing by lkundrak.

This update has been pushed to testing

lkundrak commented & provided feedback 14 years ago

karma

Works for me.

This update has been submitted for stable by lkundrak.

This update has been pushed to stable

Please log in to add feedback.

Metadata

Type

security

Karma

1

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Dates

submitted

14 years ago

in testing

14 years ago

in stable

14 years ago

modified

14 years ago

Builds

1

gitolite-1.5.7-2.1.el6

gitolite-1.5.7-2.1.el6

Automated Test Results

None

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-276-nxm75.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

• Composes • Legal • Privacy policy •