Comment 9 for bug 1794219

@Christian, actually, the security team doesn't typically decide if it needs a security review; that is part of the ubuntu-mir team's review. We have criteria for when something requires it: https://wiki.ubuntu.com/MIRTeam#Security. If it doesn't meet those (or similar) criteria, then it doesn't need us. Of course, you can always ask us to help decide, but this is a case by case basis rather than as a matter of course.

There are no CVEs, no open ports, you need to be admin to run the software and it doesn't process untrusted input as root. Unassigning security.