| Description: | Dylan Simon discovered that gitolite, a SSH-based gatekeeper for git repositories, is prone to directory traversal attacks when restricting admin defined commands. This allows an attacker to execute arbitrary commands with privileges of the gitolite server via crafted command names. Please note that this only affects installations that have ADC enabled. The oldstable distribution is not affected by this problem, it does not include gitolite. |