Jochen Voß has reported a vulnerability in man-db, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error if the "BROWSER" environment variable contains "%s" expansions. This can be exploited to cause a buffer overflow and may allow the execution of arbitrary code with escalated privileges. Solution: Update to version 2.4.4.
setting status.
no need for security to be involved as no one has ever stabled this package
2.4.4 now in portage