Stuart Henderson wrote: > As mentioned elsewhere but wanted to get it on ports@ as well, a few > other programs have a soft dependency on metamail, mostly newsreaders > (tin, slrn and emacs gnus can optionally uae it). And it may be used > in some local scripts for encoding MIME messages, there aren't many > options for simple command-line tools to do this..
My main concern is how vulnerable metamail likely is. It had a far-from-stellar record when it was popular: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=metamail Because it isn't packaged with Debian or being widely used anymore, I doubt it's getting many eyeballs. And development stopped in 1994. I wouldn't be surprised if the latest versions of afl and Coverity could find some scary stuff.
