https://apps.fedoraproject.org/packages/lcms/bugs/all lists a CVE. If lcms-11 is no longer going to be maintained in Fedora that (and any other) security flaws won't be addressed. It's therefore advisable for them to update to the new version of lcms if feasible. The affected packager would likely want to take ownership of lcms-1 and patch the security issues.
-Toshio -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
