1 Git v2.17.4 Release Notes
2 =========================
4 This release is to address the security issue: CVE-2020-5260
9 * With a crafted URL that contains a newline in it, the credential
10 helper machinery can be fooled to give credential information for
11 a wrong host. The attack has been made impossible by forbidding
12 a newline character in any value passed via the credential
15 Credit for finding the vulnerability goes to Felix Wilhelm of Google