oss-sec mailing list archives

Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling


From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 10 Jul 2014 21:23:48 +0200

* Rich Felker:

> Am I correct in assuming this affects most typical git setups (e.g.
> gitolite) using ssh authorized_keys files with forced commands, where
> the malicious file could simply be created as part of the git
> repository?

Probably, especially if there is a checkout of the repository in the
file system under a predictable path.  (I expect that most hosted
repositories use the bare format.)  I don't know how common this is
with the existing Git hosting frameworks.  Some of them don't use
OpenSSH and may not implement environment variable processing at all.

> Or are these usually set up to filter the environment?

It seems fairly likely, because unexpected but benign locale settings
would interfere with the hook script processing (which likely assumes
U.S. date formats and UTF-8).
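
One way to do the environment filtering discussed in this thread, as an added example that is not part of the original messages or of any Git hosting framework: a forced-command wrapper drops LANG and LC_* values that are not plain locale names before the real command runs. The function names and the allowlist pattern are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: scrub client-supplied locale variables before a forced
# command runs. Function names and the allowlist are assumptions.

# Succeeds only for values that look like a plain locale name such as
# "C" or "de_DE.UTF-8@euro": no "/", no "..", no other characters.
locale_value_is_safe() {
    case "$1" in
        ''|*[!A-Za-z0-9_.@-]*|*..*) return 1 ;;
        *) return 0 ;;
    esac
}

# Unsets LANG and every LC_* variable whose value fails the check.
# The names removed are left in SCRUBBED (space separated) for logging.
scrub_locale_env() {
    SCRUBBED=""
    for name in $(env | sed -n -e 's/^\(LC_[A-Z_]*\)=.*/\1/p' \
                               -e 's/^\(LANG\)=.*/\1/p'); do
        # $name matched [A-Z_] only, so it is safe to use in eval.
        eval "value=\${$name-}"
        if ! locale_value_is_safe "$value"; then
            unset "$name"
            SCRUBBED="${SCRUBBED:+$SCRUBBED }$name"
        fi
    done
}

# In a wrapper named by command="..." in authorized_keys, this would run
# first, followed by the real command, e.g.:
#   scrub_locale_env
#   exec git-shell -c "$SSH_ORIGINAL_COMMAND"
```

Call `scrub_locale_env` directly rather than inside `$(...)`, since a subshell would not change the wrapper's own environment.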

