suggesting removal of the package from the repository due to the following reasons :-
[ ] Its a setuid GTK binary, http://www.gtk.org/setuid.html
[ ] Its not maintained anymore
[ ] Correcting 2011-2922 would require a huge about of code-rewrite
[ ] exploiting the vulnerability is not too complicated.
The codebase basically seems to have design security issues, which would make it pretty time-consuming to fix.
suggesting removal of the package from the repository due to the following reasons :-
[ ] Its a setuid GTK binary, http:// www.gtk. org/setuid. html
[ ] Its not maintained anymore
[ ] Correcting 2011-2922 would require a huge about of code-rewrite
[ ] exploiting the vulnerability is not too complicated.
The codebase basically seems to have design security issues, which would make it pretty time-consuming to fix.