MGASA-2017-0284 Updated cvs package fixes security vulnerability
It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command CVE-2017-12836...