Security update for gitolite (moderate)

This update for gitolite fixes the following issues:

Gitolite was updated to 3.6.9:

• CVE-2018-16976: prevent racy access to repos in process of migration to
  gitolite (boo#1108272)
• ‘info’ learns new ‘-p’ option to show only physical repos (as opposed to
  wild repos)

The update to 3.6.8 contains:

• fix bug when deleting all hooks for a repo
• allow trailing slashes in repo names
• make pre-receive hook driver bail on non-zero exit of a pre-receive hook
• allow templates in gitolite.conf (new feature)
• various optimiations

The update to 3.6.7 contains:

• allow repo-specific hooks to be organised into subdirectories, and allow
  the multi-hook driver to be placed in some other location of your choice
• allow simple test code to be embedded within the gitolite.conf file; see
  contrib/utils/testconf for how. (This goes on the client side, not on
  the server)
• allow syslog "facility" to be changed, from the default of ‘local0’
• allow syslog "facility" to be changed, from the default of replaced with
  a space separated list of members

The update to 3.6.6 contains:

• simple but important fix for a future perl deprecation (perl will be
  removing "." from @INC in 5.24)
• ‘perms’ now requires a ‘-c’ to activate batch mode (should not affect
  interactive use but check your scripts perhaps?)
• gitolite setup now accepts a ‘-m’ option to supply a custom message
  (useful when it is used by a script)