Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs.
Created git tracking bugs for this issue:
Affects: fedora-all [bug 1781959]
oss-security mailing list reference:
This issue did not affect the versions of git as shipped with Red Hat Enterprise Linux 6, 7, and 8 as this is a Windows only issue and it does not affect the Linux versions of git.