Thanks for the link--I didn't know about this. Still, switching to SVN would probably aggravate the problem, by draining users and developers away from CVS--hence slowing CVS' bug fixes and greater security enhancements.
There's nothing magical about SVN--it is open source too and subject to the same time constraints and developer limitations of any other project. However, by dividing open source resources across two version control projects, the economy of scale is lost, and I'm concerned we will end up with two mediocre open-source version control systems instead.
Glen
Point well-taken about diluting the pool of OSS projects and available developers... My point in bringing this up was more to put the alert out there, and also to note that other projects @apache.org (most notably forrest) have moved to SVN. Being a relative newbie to CVS, it doesn't make much difference to me which one we use, although I definitely like the idea of supporting one system and sticking to it.
Web Maestro Clay
--- Clay Leeds <[EMAIL PROTECTED]> wrote:http://news.com.com/More+flaws+foul+security+of+open-source+repository/I don't know who this should go to (they probably already know), but according to Reuters[1], the CVS system has some fairly significant holes. I know Forrest moved to SVN not too long ago. Have we thought of doing it ourselves?
Web Maestro Clay
[1]
2100-7344_3-5229750.html?tag=macintouch