CVE-2018-17942: The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
Please fix it.
Last update: 2019-02-16
Standards version of the package is outdated.
The package is severely out of date with respect to the Debian Policy.The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.3.0 instead of
This package has been
orphaned. This means that it does not have a real
maintainer at the moment. Please consider adopting this package
if you are interested in it. Please see bug number #921954 for more information.