9 matches found
CVE-2018-20683
commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P...
Mageia: Security Advisory (MGASA-2019-0058)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2019:0054-1 Security update for gitolite
This update for gitolite fixes the following security issue: - CVE-2018-20683: The rsync command line was not handled correctly, allow malicious rsync options boo1121570 The version update to 3.6.11 also contains a number of upstream bug fixes...
MGASA-2019-0058 Updated gitolite packages fixes security vulnerability
In commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P CVE-2018-20683...
Updated gitolite packages fixes security vulnerability
In commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P CVE-2018-20683...
openSUSE Security Update : gitolite (openSUSE-2019-54)
This update for gitolite fixes the following security issue : - CVE-2018-20683: The rsync command line was not handled correctly, allow malicious rsync options boo1121570 The version update to 3.6.11 also contains a number of upstream bug fixes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
openSUSE: Security Advisory for gitolite (openSUSE-SU-2019:0054-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-20683
commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P...
CVE-2018-20683
Gitolite before 3.6.11 has a vulnerability in commands/rsync where enabling rsync via .gitolite.rc mishandles the rsync command line, allowing an attacker to trigger an option other than -v, -n, -q, or -P. Affected product is Gitolite; root cause is improper handling of rsync options when rsync i...