commands/rsync in Gitolite prior to 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows malicious users to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitolite gitolite |