Update to 1.11.16:

Changes since 1.11.15:
**********************

SERVER SECURITY FIXES

* A potential buffer overflow vulnerability in the server has been fixed.
  Prior to this patch, a malicious client could potentially use carefully
  crafted server requests to run arbitrary programs on the CVS server machine.
  This addresses the Common Vulnerabilities and Exposures Project's issue
  #CAN-2004-0396.  Please see <http://www.cve.mitre.org> for more information.

BUG FIXES

* The Microsoft Visual C++ workspace and project files have been repaired and
  regenerated with MSVC++ 6.0.

* The cvs.1 man page is now generated automatically from a section of the CVS
  Manual.

* Thanks to a report from Mark Andrews at the Internet Systems Consortium, the
  :ext: connection method no longer relies on a transparent transport that uses
  an argument processor that can handle arbitrary ordering of options and other
  arguments when using a username other than the caller's.

* Thanks to Ken Raeburn at MIT, directory deletion, whether via `cvs release'
  or empty directory pruning, now works on network shares under Windows XP.

1 files changed, 3 insertions, 3 deletions

diff --git a/devel/cvs/patches/patch-ab b/devel/cvs/patches/patch-ab
index e7b83e53100..89fe73c5247 100644
--- a/devel/cvs/patches/patch-ab
+++ b/devel/cvs/patches/patch-ab
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.11 2004/04/15 22:28:36 wiz Exp $
+$NetBSD: patch-ab,v 1.12 2004/05/22 10:38:06 wiz Exp $
 
---- doc/cvs.texinfo.orig	Wed Apr  7 02:46:57 2004
+--- doc/cvs.texinfo.orig	2004-05-14 20:50:08.000000000 +0200
 +++ doc/cvs.texinfo
-@@ -13450,6 +13450,11 @@ CPU intensive but is not recommended for
+@@ -13500,6 +13500,11 @@ CPU intensive but is not recommended for
  
  @xref{verifymsg}, for more information on how verifymsg
  may be used.