ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. ÿØÿà JFIF    ÿÛ C    !"$"$ÿÛ C  ÿ p " ÿÄ     ÿÄ   ÿÚ   ÕÔË® (% aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥ BQ¤¢ X«)X…€¤  @ .............................................................................................................................................................................. ............................................................................. Git v2.17.4 Release Notes ========================= This release is to address the security issue: CVE-2020-5260 Fixes since v2.17.3 ------------------- * With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol. Credit for finding the vulnerability goes to Felix Wilhelm of Google Project Zero.