All releases of CVS
Release Notes: An "-n" option to revert the "-N" option was introduced. The command "cvs blame" as an alias to "cvs annotate" was added. A new "IgnoreUnknownConfigKeys" config option was added. Data loss on crashes of heavily loaded systems is now avoided. Locking during import was corrected. A server hang with enabled compression was fixed. Applying diffs when checking out very old revisions was sped up significantly. Several other improvements and bugfixes were made.
Release Notes: This release fixes several minor security issues, including CAN-2005-0753, several minor potential vulnerabilities in the contributed Perl scripts, and compilation on IRIX 5.3.
Release Notes: This release fixes a few serious bugs in both the CVS client and server. An intermittent assertion failure on checkout was fixed. A final fix for the infamous "Red File" bug on Windows was included. An upgrade is recommended for all clients and servers.
Release Notes: This version fixes several serious security holes in the CVS server executable as well as fixing one other minor bug in both the CVS client and server. It is recommended for all CVS clients and servers.
Release Notes: This release fixes two security issues with root access and file system traversal. Furthermore, it includes some fixes for case sensitivity, symbolic link handling, portability, and the build process.
Release Notes: This release fixes two backwards compatibility issues in 1.11.7 and 1.11.8, as well as an issue that could cause some files to become unavailable to clients running on systems with case insensitive filesystems. An upgrade for all CVS clients and servers is recommended.
Release Notes: In this version, a warning message is issued if an admin file contains more than one DEFAULT entry. Error running a verifymsg script (such as referencing an unset user variable or the script not existing) now causes the verification to fail. Errors in admin files commands (like unset user variables) are no longer reported unless the command is actually executed. The Checkin.prog and Update.prog features have been removed. This previously allowed executables to be specified in the modules file to be run at update and checkin time, but users could edit these files on a per workspace basis, creating a security hole.
Release Notes: This release fixes a major security vulnerability in CVS. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0015 to this issue.
Release Notes: There are bugfixes for Windows platforms. Message timestamps are now in UTC rather than the server's local time.
Release Notes: This version includes new options for log and rlog commands, fixes for a serious error that allowed read-only users to tag files, and other fixes and improvements.
