As reported by the developers of qt-dcgui all versions before 0.2.2 have a security flaw that allows users to download unshared files. The fix is to update to 0.2.2 or above. Versions below 0.2.2 should be removed from portage.
I've committed 0.2.3 of dclib and qt-dcgui now. Aliz, are you going to write a GLSA on this one?
you forgot to add the digest and patch files for dclib-2.3 ... ive added them now though ...
Ah, sorry. Being a gcc3 user, that just flew right by my testing.
glsa sent