Date: Wed, 22 Mar 2000 18:35:53 -0500 From: ADAM Sulmicki <adam@CFAR.UMD.EDU> Subject: Re: gpm-root To: BUGTRAQ@SECURITYFOCUS.COM > I've sent report about the following security hole to the > authors of gpm, but they seemed to ignore the problem. The > problem applies to every gpm version known by me, for > example 1.18.1 and 1.19.0. Well, if you would check README in 1.19.0 version, you would notice following fragment: =========== MAINTAINANCE As of 1.19.0, gpm is officially unmaintained. I can't do it any more, and nobody expressed interest in it. So I don't think it is fair to blame someone who spent a great deal of their time doing gpm and has just quit it. Instead of blaming them how about making up a patch and telling everybody "here's a patch which fixes this problem". FWIW, Adam