oss-sec mailing list archives
CVE Request: gitolite world writable files for fresh installs of v3.5.3
From: Sitaram Chamarty <sitaramc () gmail com>
Date: Mon, 21 Oct 2013 10:24:51 +0530
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Announcement: https://groups.google.com/forum/#!topic/gitolite/Tu1sjaf7A4A/discussion Code change: https://github.com/sitaramc/gitolite/commit/3dad4f8e3214d6ab5f71823019a624fa48b055a3 (or) http://code.google.com/p/gitolite/source/detail?r=3dad4f8e3214d6ab5f71823019a624fa48b055a3# Brief description (main points of announcement): Fresh installs between fa06a34 (approx Sep 3rd) and v3.5.3, inclusive, create a few world writable files. Sites which installed before that date are not affected, even if they subsequently upgraded to the faulty commit or beyond. Affected sites need to run a one-time 'chmod -R' to fix. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSZLOUAAoJEKRCkIUIgjelLpQP/AzeupcvdnTZE2vycwn5nXA+ Elk/NzHA8sfXGy220FPJMWI4Ke6rpvq8dXWqBAwFWtrpVvFK67Hm08SCFaneCglk PacUfs1j5n2rYjOwDu8OExSpjYcbkEPRNw/KxXdpOHjTG64n7uMGbCntWoOfvyn7 NfGL94eDFWTbeiXX58vqdEQoQWrJEI9ldTuozwv/b3O6XCSE9Z3XTortkXmBHv2U 7SvP1IZm5+ZPOUNV7tOy2U9IjdBB6ncbAGDbhZZTwJfIT0IZCXZ5a0ECRZ/j9zAr 7QHeDxNyBFAuz0QsO/b2WV9e0gQX3cEVdPofjGLcX4BbncxI/WaSnOpH0YSjanID C/SCThJXfJ1s+L26FVKPNsf5eAVPYLkX1OeEqCfM5arioDXuKbMSBM2rkKxEcxYA +23GtkG4rHxmWjTsFXAKhMO82x0PIH4tpH1JpHZpAuk+A6i8Ex9O7fxs/D+C1Y9B dyoQC1dIRkJfz5w0KVCEj+/Z8seMWpUKf8o63BKgfMFabd7tdPClR2ly1R9Y2ckP VVSkk5zyjppjv+MHPiMp/4kWtPs+xL41+nmbpnyc+rDlbcEus7+ggHCwZnlLqFuf CLsjy42VJsULxnsdpTIlM6iDxO6YP/aKT4bX8IiEnHyHG3BoqxmnmNAQrehjdLVl oF5XJs1MkTmzPttHx9zY =LUfF -----END PGP SIGNATURE-----
Current thread:
- CVE Request: gitolite world writable files for fresh installs of v3.5.3 Sitaram Chamarty (Oct 20)
- Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 Kurt Seifried (Oct 21)
- Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 Salvatore Bonaccorso (Dec 23)
- Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 cve-assign (Dec 23)
- Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 Salvatore Bonaccorso (Dec 23)
- Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 Kurt Seifried (Oct 21)