2.2.1 addresses an RCE on windows & mac clients http://article.gmane.org/gmane.linux.kernel/1853266 for announce. Packages not yet available.
We don't need a confidential bug for a released vuln (I think).
We don't need 2.2.1. All the major Git branches received updates today. As talked about in #vcs, we should stay inside the current release branch and not cross version boundaries.
Built and deployed git 1.9.5 on git1 and git2.
Additionally, 2.2.1 packages were built and put into mrepo, but not deployed.