It is suspected that this package is vulnerable to multiple vulnerabilities (including a remote code execution vulnerability) due to embedded ioquake3 engine. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected. Please see the information contained in the tracker bug 376589 for further details.
Bug 420783 (CVE-2012-3345) was added to the same tracker.
0.8.8-r1 is still vulnerable to all three CVE's.
Pkg was removed in another bug.