A critical security vulnerability has been found affecting all versions of the Git client ^1. If not patched, remote repos could be able to modify the .git config and execute commands on the system. The Git core team has announced maintenance releases for all current versions of Git (v18.104.22.168, v1.9.5, v2.0.5, v2.1.4, and v2.2.1).
Don't forget, even if not used directly, Git is still utilised in many popular tools including:
- Composer (PHP)
Be careful when using remote repos. Github has scanned all repos and therefore, should be considered safe.
$ brew update && brew upgrade git
- Install homebrew
- Wait for Apple to release the fix
$ sudo add-apt-repository ppa:git-core/ppa $ sudo apt-get update $ sudo apt-get install git
$ sudo yum update git
- Update mSysGit