CVE-2015-0885 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0885): checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.
Ccing treecleaners
removed
Package removed per previous comments. GLSA needed?
Package removed from tree per [1]. [1]: https://archives.gentoo.org/gentoo-dev/message/67240888bb49c83e26731062d29042e8