Developers urged to update client software with Git 2.17.1.1. The fix was for a serious vulnerability that would allow attackers to create malicious Git repositories and use them to carry out arbitrary code execution on user’s machines. This update is designed to fix the flaw, which is essentially a vulnerability in the way Git configures submodule repository configuration during cloning. GitHub reported that 24 million developers are now using GitHub to host 67 million total code repositories. GitHub has seen a meteoric growth in its relevance within the enterprise developer community.”]
Source: https://www.darkreading.com/application-security/git-fixes-serious-code-repository-vulnerability