The latest release of ProZilla is 2.0.3. At the absolute least, this ebuild should be updated to 22.214.171.124, for both security and usability purposes. I have attached the relevant changelog information below:
ProZilla 126.96.36.199 released 24 March 2005
* Support for downloading files > 2GB.
* Fix a remotely exploitable format string security bug.
* Fix bugs in the handling of bad command-line options. Previously prozilla would return the success status code, even though it failed. Now it returns failure.
* Fix a segfault. This occurred when prozilla could not assemble a file due to lack of disk space and the user chose to abort the operation.
* Fix some typos.
It's a crap security-wise (Bug 70090), and has been package.masked for a long time.
# Tavis Ormandy <email@example.com> (9 Feb 2005)
# Masked pending security audit.
(In reply to comment #1)
> It's a crap security-wise (Bug 70090), and has been package.masked for a long
> # Tavis Ormandy <firstname.lastname@example.org> (9 Feb 2005)
> # Masked pending security audit.
2.0.3 was released on Dec. 13th, 2005, yet I do not see any mention of it (or any other 2.x.x releases) in bug #70090. Did everyone give up on ProZilla after the bug #70090 debate?
*** Bug 119784 has been marked as a duplicate of this bug. ***
Hi. I don't understand why it won't be fix...