Git has released new versions to address two security vulnerabilities, CVE-2022-39253 and CVE-2022-39260, affecting versions 2.38 and older. The first vulnerability, CVE-2022-39253, involves Git's --local clone optimization, which could allow symbolic links to be improperly dereferenced, potentially breaching security boundaries. Git has now restricted cloning via this optimization if symbolic links are present and changed the default setting for file protocol safety. The second vulnerability, CVE-2022-39260, is an integer overflow in git shell's interactive mode, which could lead to arbitrary code execution in unsafe configurations. To mitigate these risks, users are advised to upgrade to Git 2.38.1 or follow specific precautionary steps if immediate updates are not possible. GitHub has also taken measures to protect its users, including scheduling updates for GitHub Desktop, Codespaces, and Actions, and ensuring that their repository storage backend and Pages service are not affected by these vulnerabilities.