Dan Kegel wrote:
Have the security issues identified in
http://www.mail-archive.com/bug-cvs%40gnu.org/msg00384.html
been resolved yet?
They were: "CVS/Checkin.prog and CVS/Update.prog can be
replaced with an arbitrary binary, which will be blindly
executed on the server"
and "the client
Have the security issues identified in
http://www.mail-archive.com/bug-cvs%40gnu.org/msg00384.html
been resolved yet?
They were: "CVS/Checkin.prog and CVS/Update.prog can be
replaced with an arbitrary binary, which will be blindly
executed on the server"
and "the client trusts paths sent from