Hi Mark,
Mark H Weaver skribis:
> I've just rebuilt my x86_64 GuixSD system to use 'openjpeg' from git
> (since I see many more fixes there that look security-relevant), and to
> use this fresh openjpeg in both 'poppler' and 'tracker'. Unfortunately,
> the 'poppler' change required a massive re
We've recently applied several security updates to openjpeg-2, but our
'poppler' and 'tracker' packages still use openjpeg-1 which is more than
a year old, and presumably has most of the same security issues.
In the case of 'poppler', apparently upstream says that openjpeg-1 is
preferred because o
