www.ciandcd.com

软件持续集成和持续发布 QQ群:172758282 / 567940397 / 567931165 Build Status

Did you install GitLab from source? Check your Git version

From:https://www.gitlab.com/2015/06/12/did-you-install-gitlab-from-source-recently-check-your-git-version/

Did you install GitLab from source? Check your Git version

Although the preferred way to install GitLab is to use our omnibus packages, you can also install GitLab Community Edition or Enterprise Edition ‘from source’. If you used this installation method, and if you compiled Git from source in the process then please check whether your Git version defends against Git vulnerability CVE-2014-9390. This issue does not apply to our Omnibus packages (DEB or RPM).

Although GitLab itself is not affected by CVE-2014-9390, a GitLab server may be used to deliver ‘poisoned’ Git repositories to users on vulnerable systems. Upgrading Git on your GitLab server stops users from pushing poisoned repositories to your GitLab server.

Due to an oversight, the guide for installing GitLab from source still contained instructions telling administrators to install Git 2.1.2 if the version of Git provided by their Linux distribution was too old. Git 2.1.2 does not defend against CVE-2014-9390.

If your GitLab server uses /usr/local/bin/git please check your Git version using the instructions in this upgrade guide.

Install GitLab on your own server in 2 minutes Let's do it!

Install GitLab on your own server in 2 minutes

Browse all posts

@gitlab on Twitter.

For the latest and most detailed news followon Twitter.

Get every GitLab blog post and stay up to date.

Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a>

Posted Mon 08 May 2017 by itech001 in scm

QQ群:172758282 / 567940397 / 567931165