Your message dated Sat, 15 Sep 2018 16:34:06 +0000
with message-id <[email protected]>
and subject line Bug#908699: fixed in gitolite3 3.6.9-1
has caused the Debian Bug report #908699,
regarding gitolite3: CVE-2018-16976: prevent access to repos which are in the
process of being migrated
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
908699: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908699
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gitolite3
Version: 3.6.6-1
Severity: important
Tags: security upstream
Hi
Filling this for tracking, David did you or upstream requested
accordingly a CVE?
Announce: https://groups.google.com/forum/#!topic/gitolite-announce/WrwDTYdbfRg
Fix:
https://github.com/sitaramc/gitolite/commit/dc13dfca8fdae5634bb0865f7e9822d2a268ed59
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: gitolite3
Source-Version: 3.6.9-1
We believe that the bug you reported is fixed in the latest version of
gitolite3, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Bremner <[email protected]> (supplier of updated gitolite3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 15 Sep 2018 12:37:48 -0300
Source: gitolite3
Binary: gitolite3
Architecture: source
Version: 3.6.9-1
Distribution: unstable
Urgency: high
Maintainer: David Bremner <[email protected]>
Changed-By: David Bremner <[email protected]>
Description:
gitolite3 - SSH-based gatekeeper for git repositories (version 3)
Closes: 908699
Changes:
gitolite3 (3.6.9-1) unstable; urgency=high
.
* New upstream version
* Bug fix: "CVE-2018-16976: prevent access to repos which are in the
process of being migrated", thanks to Salvatore Bonaccorso (Closes:
#908699).
Checksums-Sha1:
44d04a3aba3df99232eea72db073ef9220b8d364 1804 gitolite3_3.6.9-1.dsc
a25a3beadef61ad79c644f60b4c45fab58fb4cfa 198232 gitolite3_3.6.9.orig.tar.gz
7a572f2ec33eb0caacc3591ee0cbef859bf549e8 18896 gitolite3_3.6.9-1.diff.gz
Checksums-Sha256:
2bf12bbd80f369396d9db1265b4fd6a0c12c87f82dc9d7e4f4bd16b115f1a790 1804
gitolite3_3.6.9-1.dsc
22fcd1cca953b2d3a2c3983fd8e01c6736e19e61e2a8d6123d5e7aa83702292d 198232
gitolite3_3.6.9.orig.tar.gz
87fcfe545823dbaa8a2fcea60e17b245dd86ab1617b4e037d2c7af7a918e0b97 18896
gitolite3_3.6.9-1.diff.gz
Files:
8b2ad9202e98fa76f49ac44a801a1b24 1804 vcs optional gitolite3_3.6.9-1.dsc
5e635b83af537c576d1d9f35f30d7de0 198232 vcs optional
gitolite3_3.6.9.orig.tar.gz
3153a4da6d7f00d7eef837dffaa72dbd 18896 vcs optional gitolite3_3.6.9-1.diff.gz
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAludMcMACgkQ8gKXHaSn
nix2PgwAgztaajhGffPYHI+ZNzGal68fyrqlkyZMQl7l8ho+eLWdIxTdvPMUww3o
1kDiK6FOBQ74rcsqSimshp3k84LpcCKgJqT/4bxKR9iAWHVYoxEpWjaspZ6+JTUW
Sh+elbiWF7JLk91Dx/p/heyl4R009G7fasrC8FSYu+oqfSOnF8ugcIibsEs1tsHG
n3b/lyw28DugF2Elij2vsmx5E7fXzZ7OvnFoxpfR3qu9HtoNy0c8a+my9lpSur+X
6H7oLAU7lOzdY39PtgaPVicT9rb/AwuHP5z6g9It797cyAEJp8etr4jr+6Rn8rht
KZZZ+DonqZ+V5cV412eUpYluoBCOGMEOGPctmdJMQBTttCjovyFVOnnQfsrRf62i
exU+u9+m2zc1mj9pvuLuRwLtg9o8i35sOWM87LqBlKuzJvKuCHdY5obmnyK6+NqF
WubjZdMUx2joQgIGVTeDSBrz+LPC4f666YGa3nj2F/Nw+eS+Q4l25MNr5J8xlFls
/VH7tLtu
=Hrrg
-----END PGP SIGNATURE-----
--- End Message ---
