This is a security-fix for CVE-2014-9390, which affects users on Windows and Mac OS X
but not typical UNIX users. A set of new service releases 18.104.22.168412180340-r and
22.214.171.124412180710-r are published and they contain the same fix.
Various implementations and ports, including Git for Windows, Git OS X installer,
JGit & EGit, libgit2 (and Visual Studio which uses it) have been updated at the same time.
Please update your JGit & EGit if you are on Windows or Mac OS X.
Also see the announcement on the git mailing list
Find the new JGit & EGit releases here
The JGit Maven artifacts have also been deployed to Maven central and should become
visible there as soon as synchronization has finished.
Release 3.5.3 is also available in the Eclipse Marketplace
We plan to release 3.6.0 in the next days.