41b1a98f59
A malicious CVS server could cause your CVS client to overwrite arbitrary files (CAN-2004-0180). When a CVS client uses the `-p' checkout option, the server could be fooled into checking out files from outside the given $CVSROOT. (This patch is applied in an unorthodox manner so as not to complicate a later vendor import of CVS.)