From the advisory: >Concurrent Versions System (CVS) is the dominant open-source version control software that allows >developers to access the latest code using a network connection. CVS version 1.11.4 and below contain >a flaw that can be used by a remote attacker to execute arbitrary code on the server.
glsa sent