gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.Referenceshttp://packetstormsecurity.com/files/149438/ManageEngine-SupportCenter-Plus-8.1.0-Cross-Site-Scripting.htmlhttps://lists.fedoraproject.org/pipermail/package-announce/2014-January/125611.htmlhttps://marc.info/?l=oss-security&m=138783069700756&w=2
