Courtesy of Laël Cellier we are now aware of several rather nasty bugs in git versions 1.7 -1.9, even tho they were patched in 2.7 (released back in Feb, rather quietly I may add). The bugs stem mostly form signed vs. unsigned integers in a strcopy function
path_name()…. okay so now in layman’s terms what the heck does all that mean?
Essentially when you have a really long filename or repo using files with long names using a older version of git, there runs a verifiable risk that you run into what is know as a
heap_overwrite aka 100%+ of container.
Source: git-server-client bugs