Comment 10 for bug 1700827

Apropos the CVE's all of these have been completely addressed in past PCP releases.
CVE-2012-5530 - fixed in PCP 3.6.10 (released 19 Nov 2012)
CVE-2012-3421, CVE-2012-3420, CVE-2012-3419 and CVE-2012-3418 - all fixed in PCP 3.6.5 (released 16 Aug 2012)
CVE-2001-0823 - fixed in PCP 2.2.1 (released 21 Jun 2001)

I am in agreement with Frank, that we'd really like to see some specific issues identified that are barriers to inclusion of PCP in main.

If we had this list we're more than happy to work through them ... based on 20+ years of experience with PCP development and deployment in many big and ugly environments, I am confident that most of them will turn out to be false positives, others can be fixed.

Thanks for the effort so far with the review.