Re: CVS/Checkin.prog security hole status?

2000-11-07 Derek R. Price
Dan Kegel wrote: Have the security issues identified in http://www.mail-archive.com/bug-cvs%40gnu.org/msg00384.html been resolved yet? They were: "CVS/Checkin.prog and CVS/Update.prog can be replaced with an arbitrary binary, which will be blindly executed on the server" and "the client

CVS/Checkin.prog security hole status?

2000-11-06 Dan Kegel
Have the security issues identified in http://www.mail-archive.com/bug-cvs%40gnu.org/msg00384.html been resolved yet? They were: "CVS/Checkin.prog and CVS/Update.prog can be replaced with an arbitrary binary, which will be blindly executed on the server" and "the client trusts paths sent from