The latest release of ProZilla is 2.0.3. At the absolute least, this ebuild should be updated to 1.3.7.4, for both security and usability purposes. I have attached the relevant changelog information below: -- ProZilla 1.3.7.4 released 24 March 2005 Changes are: * Support for downloading files > 2GB. * Fix a remotely exploitable format string security bug. * Fix bugs in the handling of bad command-line options. Previously prozilla would return the success status code, even though it failed. Now it returns failure. * Fix a segfault. This occurred when prozilla could not assemble a file due to lack of disk space and the user chose to abort the operation. * Fix some typos. --
It's a crap security-wise (Bug 70090), and has been package.masked for a long time. # Tavis Ormandy <taviso@gentoo.org> (9 Feb 2005) # Masked pending security audit. www-client/prozilla
(In reply to comment #1) > It's a crap security-wise (Bug 70090), and has been package.masked for a long > time. > > # Tavis Ormandy <taviso@gentoo.org> (9 Feb 2005) > # Masked pending security audit. > www-client/prozilla > 2.0.3 was released on Dec. 13th, 2005, yet I do not see any mention of it (or any other 2.x.x releases) in bug #70090. Did everyone give up on ProZilla after the bug #70090 debate?
*** Bug 119784 has been marked as a duplicate of this bug. ***
Hi. I don't understand why it won't be fix...