K 10
svn:author
V 6
nectar
K 8
svn:date
V 27
2004-04-14T16:40:50.000000Z
K 7
svn:log
V 396
Patch vulnerabilities in the CVS client and server:

  A malicious CVS server could cause your CVS client to overwrite
  arbitrary files (CAN-2004-0180).

  When a CVS client uses the `-p' checkout option, the server could be
  fooled into checking out files from outside the given $CVSROOT.

(This patch is applied in an unorthodox manner so as not to complicate
 a later vendor import of CVS.)

END