Three new vulnerabilities have been fixed for Ruby on Rails, on which Gitorious is built. Read the original Ruby on Rails sec-list announcements for further details.
The steps for upgrading are, as usual (from within the root gitorious clone/source directory):
git fetch --tags git merge v2.4.12 git submodule update --init bundle install
We advise all users running their own Gitorious servers to upgrade immediately. Note that the Gitorious Community Edition installer has also been updated to install v2.4.12 now.