I think I've managed to lose the plot. I'm hoping someone will point me in the right direction.
I'm always quick to upgrade after a security advisory comes out, but I seem to have missed the very latest notification. As soon as I noted it listed publicly, I went in and did my usual "cvs update -dP" and sure enough a few things were updated.
However, I note that the version shown in Notifications is 2.2.6+ (Build: 20121230) (I don't recall what it was before I did the update, but my last one was quite recent).
This is worrying me. Shouldn't it have updated to 2.2.7 now? Aren't there some issues with the 2.2.6+ as per the advisory?
I did another "cvs update -dP" just in case, but no change.
The CVS Tag file shows TMOODLE_22_STABLE which is what I was expecting. I'm using uk.cvs.moodle.org as the CVS server.
I'd really like to stick to CVS until I upgrade to 2.4 (which, I suppose, needs to be scheduled to be done soon, given that 2.2 doesn't have that long to go before it goes EOL for security updates).
Any advice please?
EDIT: D'oh. Just seen this about CVS. https://moodle.org/mod/forum/discuss.php?d=215489