> I've sent report about the following security hole to the
> authors of gpm, but they seemed to ignore the problem. The
> problem applies to every gpm version known by me, for
> example 1.18.1 and 1.19.0.
Well, if you would check README in 1.19.0 version, you would notice
following fragment:
=========== MAINTAINANCE
As of 1.19.0, gpm is officially unmaintained. I can't do it any more,
and nobody expressed interest in it.
So I don't think it is fair to blame someone who spent a great deal of
their time doing gpm and has just quit it. Instead of blaming them
how about making up a patch and telling everybody "here's a patch
which fixes this problem".
FWIW,
Adam
