Update on Git and Mercurial vulnerability

The maintainers of the Git and Mercurial open source projects have identified a vulnerability in the Git and Mercurial clients for Macintosh and Windows operating systems that could allow critical files to be overwritten with unwanted files, including executables.

Because this is a client-side vulnerability, Bitbucket itself is not affected; however, we recommend you update your Git client with one of the published Git maintenance releases (, 1.9.5, 2.0.5, 2.1.4 and 2.2.1) or Mercurial client with the latest release.

If you are also using SourceTree please follow these instructions to update your Git client: