Permissions on user upload directories are broken

There seems to be a permissions problem with the directories in which user uploads (profile pictures, etc.) are stored. Running the following as root fixed the issue (so far):

find /var/opt/gitlab/gitlab-rails/uploads -type d -print0 | xargs -0 chmod a+rx
find /var/opt/gitlab/gitlab-rails/uploads -type f -print0 | xargs -0 chmod a+r

We're running Ubuntu 14.04.1 LTS using the stock omnibus install (7.4.0 upgraded from 7.0.0) with nginx.

From inspection beforehand, all the directories under gitlab-rails/uploads/ had ownership git:git and were set with permissions drwx------, preventing nginx (running as gitlab-www:gitlab-www) from accessing their contents. IIRC, the files also had ownership git:git but were set with permissions -rw-r--r--.

Running gitlab-ctl show-config reports:

{
  "gitlab": {
    "bootstrap": {

    },
    "user": {
      "git_user_email": "<snip>"
    },
    "redis": {

    },
    "gitlab-rails": {
      "gitlab_default_project_limits": 99,
      "secret_token": "<snip>",
      "gitlab_host": "<snip>",
      "gitlab_email_from": "<snip>",
      "gitlab_https": true,
      "gitlab_port": 443
    },
    "gitlab-shell": {

    },
    "unicorn": {

    },
    "sidekiq": {

    },
    "nginx": {
      "redirect_http_to_https": true,
      "ssl_certificate": "/etc/gitlab/ssl/server.crt",
      "ssl_certificate_key": "/etc/gitlab/ssl/server.key",
      "ssl_protocols": "TLSv1 TLSv1.1 TLSv1.2"
    },
    "logging": {

    },
    "remote-syslog": {

    },
    "logrotate": {

    },
    "high-availability": {

    },
    "postgresql": {

    },
    "web-server": {

    }
  }
}