Update now! High severity flaws found in Git for Windows, patched

The Git project released new versions to address some of the security vulnerabilities that affect versions 2.40.0 and older.

Git was patched to fix CVE-2023-25652 and CVE-2023-29007, along with three Windows-specific vulnerabilities: CVE-2023-25815, CVE-2023-29011, and CVE-2023-29012. The Git for Windows project released new versions that include the fixes for all five of these vulnerabilities.

Recommendation and workaround

The easiest way to protect against exploits of these vulnerabilities is to upgrade to the latest Git release, version 2.40.1.

Open Windows Command Prompt or Git Bash, and run the command below:
git update-git-for-windows

If you see an error containing “is not a git command”, then either you don’t actually have Git for Windows, or your version is very old.

In that case, simply get the latest installer from https://git-scm.com/download (check whether you want 32- or 64-bit) and run it to upgrade.
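To confirm whether a machine still needs the upgrade, the following added example (not from the Git project or the original article) can be run in Git Bash. It parses `git --version` output and compares it numerically against the article's fixed version 2.40.1. The function names are hypothetical, and it applies only this article's threshold, so it is meant for Git for Windows version strings.

```shell
#!/bin/sh
# Added example: classify a Git for Windows version against the fixed release.
# Threshold from the article: 2.40.0 and older are affected, 2.40.1 is fixed.
FIXED_VERSION="2.40.1"

# Extract "major.minor.patch" from a line such as
# "git version 2.40.0.windows.1". Prints nothing when the line does not match.
parse_git_version() {
    printf '%s\n' "$1" |
        sed -n 's/^git version \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/p'
}

# Succeed (status 0) when version $1 is older than version $2.
# Fields are compared as numbers, so 2.9.0 sorts before 2.40.1.
version_lt() {
    _old_ifs=$IFS; IFS=.
    set -- $1 $2            # now: $1 $2 $3 = first version, $4 $5 $6 = second
    IFS=$_old_ifs
    if [ "$1" -ne "$4" ]; then [ "$1" -lt "$4" ]; return; fi
    if [ "$2" -ne "$5" ]; then [ "$2" -lt "$5" ]; return; fi
    [ "$3" -lt "$6" ]
}

# Print "vulnerable", "patched" or "unknown" for a `git --version` line.
classify_git() {
    ver=$(parse_git_version "$1")
    if [ -z "$ver" ]; then
        echo unknown
    elif version_lt "$ver" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo patched
    fi
}

# Check the local installation when git is on PATH.
if command -v git >/dev/null 2>&1; then
    printf 'local git: %s\n' "$(classify_git "$(git --version)")"
fi
```

A result of "vulnerable" means the upgrade steps above still need to be run on that machine; "unknown" means the output was not a recognisable version line.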

sapnagroup has updated all its systems with the latest version of git.

Ref: https://github.blog/2023-04-25-git-security-vulnerabilities-announced-4/