From 0e4938d269815a5bf1dd8c16e851cb1199fc5317 Mon Sep 17 00:00:00 2001
From: Pradyun Gedam <pradyunsg@users.noreply.github.com>
Date: Sat, 24 Apr 2021 10:17:20 +0100
Subject: [PATCH] :newspaper:

---
 news/9827.bugfix.rst | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 news/9827.bugfix.rst

diff --git a/news/9827.bugfix.rst b/news/9827.bugfix.rst
new file mode 100644
index 00000000000..e0d27c36cfe
--- /dev/null
+++ b/news/9827.bugfix.rst
@@ -0,0 +1,3 @@
+**SECURITY**: Stop splitting on unicode separators in git references,
+which could be maliciously used to install a different revision on the
+repository.