CVSWeb insecure perl "open" Vulnerability

CVSWeb insecure perl "open" Vulnerability

Solution:
Upgrade to at least version 1.86 available from http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi/

Debian:
Fixed in: Debian 2.1 (slink):
Source:
http://security.debian.org/dists/slink/updates/source/cvsweb_109.dsc
http://security.debian.org/dists/slink/updates/source/cvsweb_109.tar.gz
Architecture-independent binary:
http://security.debian.org/dists/slink/updates/binary-all/cvsweb_109_all.deb
Debian 2.2 (potato):
Source:
http://http.us.debian.org/debian/dists/potato/main/source/devel/cvsweb_1.79-3potato1.diff.gz
http://http.us.debian.org/debian/dists/potato/main/source/devel/cvsweb_1.79-3potato1.dsc
http://http.us.debian.org/debian/dists/potato/main/source/devel/cvsweb_1.79.orig.tar.gz
Architecture-independent binary:
http://http.us.debian.org/debian/dists/potato/main/binary-all/devel/cvsweb_1.79-3potato1.deb

CVSWeb Developer CVSWeb 1.80

TurboLinux cvsweb-1.93-1.noarch.rpm
MD5 checksum: a9983e6d1fa2fae00f136a0b9c1708a2GPG Key for signature verification: http://www.turbolinux.com/security/tlgpgkey.ascTo verify a package: rpm --checksig name_of_rpmTo verify MD5 checksum: rpm --checksig --nogpg name_of_rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/cvsweb-1.93-1.noarch .rpm