* A shell command injection flaw related to the handling of "ssh" URLs has
been discovered in Git. An attacker could use this flaw to execute shell
commands with the privileges of the user running the Git client, for
example, when performing a "clone" action on a malicious repository or a
legitimate repository containing a malicious commit. (CVE-2017-1000117)
--