Our current bzip2 package does not provide libbz2.so: --8<---------------cut here---------------start------------->8--- $ ls $(guix build bzip2)/lib libbz2.a libbz2.so.1.0 libbz2.so.1.0.6 --8<---------------cut here---------------end--------------->8---
Consequently, software that uses libbz2 always ends up statically-linking it. Thus, security issues in libbz2 cannot be grafted. Ludo’.
