This update for git to version 2.13.6 fixes the following issues:

* CVE-2017-14867: Various Perl scripts did not use safe_pipe_capture() instead of backticks, leaving them susceptible to end-user input (boo#1061041)

As an additional measure, "git cvsserver" no longer is invoked by "git daemon" by default.