Debian DSA-2407-1 : cvs - heap overflow
Critical Nessus Plugin ID 57880
SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client.
SolutionUpgrade the cvs packages.
For the stable distribution (squeeze), this problem has been fixed in version 1:1.12.13-12+squeeze1.