CentOS Errata and Security Advisory CESA-2005:756-01
CVS (Concurrent Version System) is a version control system.
An insecure temporary file usage was found in the cvsbug program. It is possible that a local user could leverage this issue to execute arbitrary instructions as the user running cvsbug. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2693 to this issue.
All users of cvs should upgrade to this updated package, which includes a patch to correct this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2005-September/012123.html
Affected packages: cvs
Upstream details at: https://rhn.redhat.com/errata/rh21as-errata.html