| Release | Version |
|---|---|
| jessie | 3.6.1-2+deb8u2 |
| stretch | 3.6.6-1 |
| buster | 3.6.11-2 |
| bullseye | 3.6.12-1 |
| bookworm | 3.6.12-1 |
| trixie | 3.6.12-1 |
| sid | 3.6.12-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-20683 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsyn ... |
| CVE-2018-16976 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Gitolite before 3.6.9 does not (in certain configurations involving @a ... |
| Bug | Description |
|---|---|
| CVE-2013-7203 | gitolite before commit fa06a34 might allow local users to read arbitra ... |
| CVE-2013-4451 | gitolite commit fa06a34 through 3.5.3 might allow attackers to have un ... |