|
Message-ID: <5074FE37.4000905@redhat.com> Date: Tue, 09 Oct 2012 22:48:55 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Eitan Adler <lists@...anadler.com> Subject: Re: CVE Request: gitolite path traversal vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/09/2012 09:45 PM, Eitan Adler wrote: > Announcement: > https://groups.google.com/forum/#!topic/gitolite/K9SnQNhCQ-0/discussion > > Code change: > https://github.com/sitaramc/gitolite/commit/f636ce3ba3e340569b26d1e47b9d9b62dd8a3bf2 Please > use CVE-2012-4506 for this issue. > Hope I did this right ;) Yup, only thing better would have been to mention the previous gitolite CVE (from April 2011) which is different than this (similar but different =). - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQdP40AAoJEBYNRVNeJnmTiKMQAJD4nyKyxX47GWVbrpmv9yRh GubQfh4hSPgwCGsWtpw2omON14YHWEWOASdYNSsFs7RXfRVJSsESC0ZSsQVC7y0l /JJUIS3Ilv6ih8dcKnyP48/Zpu/gDPOXHoMw7g6Bc5TiXB5NWj8uQCfdMptXB2Fd eUk3WfFEBbubZGlmT31589O4pzIFvz5dtrlOnb30HASeHuOCNZdbYN7Ok7/XKIvM zgivnqkDbVYDMNhF3qpdQuNau443V7b8FlcjyoYvEqne688RY8U05NEy3/i1fHUI 1W7qxlgEbtcRPBPkEE9XkQMvAuNBeuMRfAiqLbGr7Q360LRcxnvGUd+OtRogJzuA 3DLNMuETvgwTWO7KPwPu4y1CCGyK8VUeuQMmtbNZx1S5rBeIhr/QwqPKEplm+Uka SSHmdo09YtdV/JIRRM7xsLfSUXIFER8LWchZaGAWg3rvwRtxYTZC0seU+MzSJ58q +2KVBJpuV3C1DVPlLpjbql8N1emQ5G52cKAI4Fj9Hzdjz/qcUdPVQmN6BnDJ46sY jDetuTK5J1M6OiqaNsCDnMMF0gBoN4KQgyNGGbMGedBi2fGqBVgyABE0DVHuX86C gWFO0eaHXwavV9uGWkMx+w89JIHuns8VkgtC3BRJmbXM0Pqy9Gz+CJJVyD/kcDxB uCf/vwE0iCqyVJU70EJp =nzck -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.