DescriptionGitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed. This can allow valid users to obtain unintended access.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.SUSE Bugzilla entry: 1108272 [RESOLVED / FIXED] SUSE Security Advisories:
- openSUSE-SU-2018:3035-1, published Fri, 5 Oct 2018 21:10:02 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 15.0|| ||Patchnames:
|openSUSE Leap 42.3|| ||Patchnames: