See the post here:
And the patch here:
The latest cvs package - cvs-1.11.1p1-7.i386.rpm - is affected by this problem.
Steps to Reproduce:
- Set up a CVS pserver
- Create a "writers" file in CVSROOT
- Log in with a user name not listed in "writers"
- Notice that you can create tags, even though you should only have read-only
This seems like a really bad bug for people who depend on cvs tags and have
public anoncvs. Is this serious enough to warrant an errata?
Its in 7.3