Debian Linux Security Advisory 3435-1 - Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.
79e3590b0ad8688b6035120a579889261e6e6c3face4d28a132126be082d0fb3