1
Candidate: CVE-2012-4506
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4506
5
https://groups.google.com/forum/#!topic/gitolite/K9SnQNhCQ-0/discussion
6
https://github.com/sitaramc/gitolite/commit/f636ce3ba3e340569b26d1e47b9d9b62dd8a3bf2
8
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild
9
card repositories and a pattern matching "../" are enabled, allows remote
10
authenticated users to create arbitrary repositories and possibly perform
11
other actions via a .. (dot dot) in a repository name.
14
jdstrand> per Debian Only affects 3.x releases
21
upstream_gitolite: needs-triage
24
natty_gitolite: not-affected
25
oneiric_gitolite: not-affected
26
precise_gitolite: not-affected
27
devel_gitolite: not-affected (2.3-1)