Hi all,

Am I the only one sitting around waiting for the an announcement of the CVS exploit and a fix?  Or maybe they fixed it and I don't know about it?  I run a CVS server for a project I work on - while I could download cvs and compile it myself, I'd rather use the version in the base system just for consistency.

Here's the advisory:

http://security.e-matters.de/advisories/012003.html

Ian