Every now and then on IRC you here a conversation about security. It usually starts off with someone from the Linux camp griping about Windows security. This is often followed by someone from the FreeBSD camp stating that Linux isn't much better, statistically speaking. The Linux camp then retorts that there may be bugs, but they're nowhere as severe as Windows, etc, etc.
The recent CVS hack (you *have* upgraded to 1.11.16, right?) reminds me of something - your system is only as secure as your weakest 3rd party app.