2013-10-14 v3.5.3 catch undefined groupnames (when possible) mirroring: async push to slaves (some portability fixes) (a couple of contrib scripts - querying IPA based LDAP servers for group membership, and user key management) allow groups in subconf files (this *may* slow down compilation in extreme cases) make adding repo-specific hooks easier (see cust.mkd or cust.html online for docs) smart http now supports git 1.8.2 and above (which changed the protocol requirements a wee bit) Please add it to the tree
Maybe not? http://www.openwall.com/lists/oss-security/2013/10/21/1
(In reply to Markos Chandras from comment #1) > Maybe not? > > http://www.openwall.com/lists/oss-security/2013/10/21/1 Thanks, it should be fixed in 3.5.3.1, reassigning to security@g.o https://github.com/sitaramc/gitolite/commit/3dad4f8e3214d6ab5f71823019a624fa48b055a3
This is not a security bug. The bug happened in 3.5.3 which is not in the tree.
*** Bug 489856 has been marked as a duplicate of this bug. ***
Added to the tree.