This update for git fixes the following issue: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive quot;git clonequot; of a superproject if a .gitmodules file has a URL field beginning with a "-" character. .