Hi team While triaging today I noticed this rather old CVE. The elog package is clearly vulnerable (at least when looking through the source code). However I noticed that elog is removed (exists in buster and bullseye though) and it has a very low popcon score.
Is it worth fixing? If not, we should say that this package is unsupported. Cheers // Ola -- --- Inguza Technology AB --- MSc in Information Technology ---- | o...@inguza.com o...@debian.org | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
