Forgot to say thanks for all your help and share the link! https://portswigger.net/daily-swig/git-security-newline-injection-bug-tricked-version-control-system-into-leaking-usernames-and-password Much appreciated... On Wed, 15 Apr 2020 at 16:47, Jeff King <peff@xxxxxxxx> wrote: > > On Wed, Apr 15, 2020 at 08:19:18AM -0700, Junio C Hamano wrote: > > > > What is your advice to Git users? > > > > Release is announced and users are urged to upgrade, like you wrote > > on your article at The Daily Swig. > > There's a little more detail and some workarounds discussed in the > advisory at: > > https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q > > -Peff -- Adam Bannister The Daily Swig https://portswigger.net/daily-swig
