Found on Ars Technica — "Critical Git bug allows malicious code execution on client machines":
Developers who use the official Git client and related software are being urged to install a security update that kills a bug that could allow attackers to hijack end-user computers.
The critical vulnerability affects all Windows- and Mac-based versions of the official Git client and related software that interacts with Git repositories, according to an advisory published Thursday. The bug can be exploited to give remote code execution when the client software accesses booby-trapped Git repositories.
(Score: 0) by Anonymous Coward on Tuesday December 23 2014, @09:22AM
p.s. you may wish to update your sig too.