Posts about Security
Git(CVE-2017-1000117), Mercurial(CVE-2017-1000115, CVE-2017-1000116) and SVN(CVE-2017-9800) recently released fixes for vulnerabilities in their client-side applications that could lead to remote code execution on the victims machine.
A few weeks ago, a "vulnerability" was discovered in a new security feature that shipped in Git 2.2.0: signed pushes. No need to panic though! It is vanishingly unlikely that anyone would be able to successfully exploit this particular problem. In fact, the issue was quietly fixed a few days ago in the 2.3.7 point release.