Advisories ยป MGASA-2019-0058

Updated gitolite packages fixes security vulnerability

Publication date: 31 Jan 2019
Modification date: 31 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-20683

Description

In commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables
rsync, mishandles the rsync command line, which allows attackers to have
a "bad" impact by triggering use of an option other than -v, -n, -q, or
-P (CVE-2018-20683).
                

References

SRPMS

6/core