The most effective way to protect against these vulnerabilities is to upgrade to Git 2.39.1. If you can’t update immediately, reduce your risk by taking the following steps:
- Avoid invoking the
--formatmechanism directly with the known operators, and avoid running
git archivein untrusted repositories.
- If you expose
git daemon, consider disabling it if working with untrusted repositories by running
git config --global daemon.uploadArch false.
- Avoid using Git GUI on Windows when cloning untrusted repositories.