Some of you may already have seen this, but a critical git security vulnerability has just been announced. In short, the vulnerability allows *arbitrary command execution on clients*, and affects *all case-insensitive file systems*.
Github published a nice summary [1] with links to a whole bunch of client vendors who have released patches that fix this problem, as well as a little more details (and links to a lot more details) on what the problem was. I think it would be a good idea to update Julia to make sure that whatever git version Pkg uses isn't exposed, although I'm not quite sure what is required to do so. [1]: https://github.com/blog/1938-vulnerability-announced-update-your-git-clients // Tomas
