It is suspected that this package is vulnerable to a security vulnerability due to expanding of malicious entities via dev-perl/XML-Twig. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected. Please see the information contained in the tracker bug 600818. # grep -Fr 'Twig->new' /var/tmp/portage/games-util/xgamer-0.6.2/work/xgamer /var/tmp/portage/games-util/xgamer-0.6.2/work/xgamer/bin/xgamer: my $twig = XML::Twig->new(
Tested on 9/20/2017 --- developer / # grep -Fr 'use XML' xgamer xgamer/bin/xgamer:use XML::Twig; xgamer/bin/xgamer: my $twig = XML::Twig::Elt->new($tag); xgamer/bin/xgamer: my $twig = XML::Twig->new( xgamer/bin/xgamer: # Return XML as string xgamer/Build.PL: 'XML::Twig' => 0 Daj Uan (jmbailey) Gentoo Security Padawan
Red Hat and upstream wontfix. No concerns with any other major vulnerabilities.