An arbitrary code execution vulnerability was disovered in fish, a
command line shell. When using the default configuraton of fish,
changing to a directory automatically ran `git` commands in order to
display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the
behavior of git, including running arbitrary commands.
For the stable distribution (bullseye), this problem has been fixed in