commit: 15917771aa371da65388812d7af5f1dba9147177
parent 3a1b950000460ee8f19fa61db34246664ccc8b80
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sat, 3 Jul 2021 17:41:04 +0200
base/package.mask: zziplib fix and pycrypto gone
Diffstat:
1 file changed, 0 insertions(+), 7 deletions(-)
diff --git a/profiles/base/package.mask b/profiles/base/package.mask
@@ -1,6 +1,3 @@
-# unmaintained, got vulnerability, use pycryptodome
-dev-python/pycrypto
-
# Lack of backporting for security fixes; no release after CVEs; code copypasta
# =media-gfx/exiv2-0.26_p20180319 -> broken compilation
media-gfx/exiv2
@@ -9,7 +6,3 @@ media-gfx/exiv2
# Bloated, quite insecure (too much trust in other apps, more than paging)
# alternative can be sys-apps/most, see virtual/pager for others
sys-apps/less
-
-# Haelwenn (lanodan) Monnier <contact@hacktivis.me> 2019-10-17
-# Vulnerable to CVE-2018-17828 (non-removal of "../" in the paths)
-=dev-libs/zziplib-0.13.69
