Hi all

net-misc/bidwatcher currently has atleast one known exploitable problem 
in it. A patch exists for the initial problem but we have no maintainer 
for the package.

Version <=1.3.16 is currently package masked and will be removed from 
the tree soon if nobody steps up to maintain it. The security team votes
for punting it.If your willing to maintain bidwatcher then the 
conditions for maintaining this package should include the ability to
audit your own package as there exists 1 known flaw and there _looks_ 
to be more.

Bug
http://bugs.gentoo.org/show_bug.cgi?id=82460

An update can be found here.
http://sourceforge.net/project/showfiles.php?group_id=2973

-- 
Ned Ludd <[EMAIL PROTECTED]>
Gentoo Security


--
[email protected] mailing list

Reply via email to