A few days ago, the Git project has
announced a security vulnerability: there is a security issue in recursively cloning submodules that can lead to arbitrary code execution.
All git clients on Unix platforms (including Linux and macOS) are vulnerable, including git running in a Linux distribution inside Windows Subsystem for Linux. Git on Cygwin is also vulnerable.
Git for Windows and Visual Studio 2017 are not affected.
Fixes have been posted; Linux distributions have updated packages.
Please update your clients.
Happy cloning,
~Ralph