I wrote: > It appears upstream is back online and a new version (ProZilla 1.3.7.3) > was released January 24, 2005. An helpful user provided an ebuild on the > bug[1]. That said, the package has no metadata.xml nor recent maintainer > in Gentoo, so it needs a new daddy and/or herd that will love it, bump > it and unmask it (and commit to maintain it).
OK... There are still (exploited) problems in it, and the code still has low standards for security. Like I said on the bug, this is an ongoing security problem that disguises itself as a connection spamming tool. We can't put it back in the tree without a full audit (or a full rewrite) and I think this package is not worth it. -- Koon -- [email protected] mailing list
