Home / Companies / GitHub / Blog / Post Details
Content Deep Dive

Vulnerability announced: update your Git clients

Blog post from GitHub

Post Details
Company
Date Published
Author
Vicent Martí
Word Count
387
Company Posts That Month
9
Language
English
Hacker News Points
-
Post removed?
No
Summary

A critical security vulnerability affecting all versions of the official Git client and related software has been disclosed, which allows attackers to execute arbitrary commands on client machines by crafting malicious Git trees. This vulnerability impacts Git clients on case-insensitive or case-normalizing filesystems, specifically targeting those running on OS X (HFS+) and Microsoft Windows (NTFS, FAT), while Linux clients remain unaffected if operating on case-sensitive filesystems. GitHub and GitHub Enterprise users are urged to update their Git clients immediately and exercise caution when interacting with repositories from untrusted sources. GitHub has taken measures to block malicious trees on its platform and has scanned existing content for potential threats. Updated versions of GitHub for Windows and Mac, as well as the Git core and libraries like libgit2 and JGit, have been released with security fixes. Further details are available through the official Git mailing list announcement and the git-blame blog.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.