It is suspected that this package is vulnerable to a security vulnerability in gnulib. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected. Please see the information contained in the tracker bug 600518. "If an application using parse_datetime(), such as touch or date, accepted untrusted input, it could cause the application to crash or, potentially, execute arbitrary code."
upstream looks dead since 2014
commit ee12e968b20ac1efdef5f66f392ae62b664978d2 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: Mon Aug 14 21:53:12 2017 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: Mon Aug 14 21:59:58 2017 dev-db/recutils: Remove last-rited pkg, #600524