oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: gitolite world writable files for fresh installs of v3.5.3

From: Sitaram Chamarty <sitaramc () gmail com>
Date: Mon, 21 Oct 2013 10:24:51 +0530
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Announcement:
    https://groups.google.com/forum/#!topic/gitolite/Tu1sjaf7A4A/discussion

Code change:
    https://github.com/sitaramc/gitolite/commit/3dad4f8e3214d6ab5f71823019a624fa48b055a3
        (or)
    http://code.google.com/p/gitolite/source/detail?r=3dad4f8e3214d6ab5f71823019a624fa48b055a3#

Brief description (main points of announcement):
    Fresh installs between fa06a34 (approx Sep 3rd) and v3.5.3,
    inclusive, create a few world writable files.  Sites which installed
    before that date are not affected, even if they subsequently
    upgraded to the faulty commit or beyond.  Affected sites need to run
    a one-time 'chmod -R' to fix.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSZLOUAAoJEKRCkIUIgjelLpQP/AzeupcvdnTZE2vycwn5nXA+
Elk/NzHA8sfXGy220FPJMWI4Ke6rpvq8dXWqBAwFWtrpVvFK67Hm08SCFaneCglk
PacUfs1j5n2rYjOwDu8OExSpjYcbkEPRNw/KxXdpOHjTG64n7uMGbCntWoOfvyn7
NfGL94eDFWTbeiXX58vqdEQoQWrJEI9ldTuozwv/b3O6XCSE9Z3XTortkXmBHv2U
7SvP1IZm5+ZPOUNV7tOy2U9IjdBB6ncbAGDbhZZTwJfIT0IZCXZ5a0ECRZ/j9zAr
7QHeDxNyBFAuz0QsO/b2WV9e0gQX3cEVdPofjGLcX4BbncxI/WaSnOpH0YSjanID
C/SCThJXfJ1s+L26FVKPNsf5eAVPYLkX1OeEqCfM5arioDXuKbMSBM2rkKxEcxYA
+23GtkG4rHxmWjTsFXAKhMO82x0PIH4tpH1JpHZpAuk+A6i8Ex9O7fxs/D+C1Y9B
dyoQC1dIRkJfz5w0KVCEj+/Z8seMWpUKf8o63BKgfMFabd7tdPClR2ly1R9Y2ckP
VVSkk5zyjppjv+MHPiMp/4kWtPs+xL41+nmbpnyc+rDlbcEus7+ggHCwZnlLqFuf
CLsjy42VJsULxnsdpTIlM6iDxO6YP/aKT4bX8IiEnHyHG3BoqxmnmNAQrehjdLVl
oF5XJs1MkTmzPttHx9zY
=LUfF
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: