Hi, On Tue, May 16, 2017 at 11:40 AM, Adam Cecile <acec...@le-vert.net> wrote: > Package: wnpp > Severity: wishlist > X-Debbugs-CC: debian-devel@lists.debian.org > > Package name: libjasper
Just keep the old naming convention please: 'jasper'. > Version: 2.0.12 > Upstream: Michael David Adams > License: JasPer License > Description: This package has been scheduled for removal after Stretch > release but is very important to me as it can be used to add JPEG 2000 to > OpenCV (many satellite images comes as JPEG 2000). The new upstream on > GitHub provides frequent updates as well as a decent CMake build system so I > see no reason to not get it back in the archive :) At the very least you'll need to address the old CVEs in that case: https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=jasper - CVE-2016-8693 - CVE-2016-8691 - CVE-2016-8692 - CVE-2016-8690 I personally fought against having duplicate JPEG 2000 libraries in Debian (esp. since jasper seems dead upstream). I still believe you should invest some time in replace jasper with OpenJPEG throughout your OpenCV codebase, since OpenJPEG is used to manipulate satellite image in professional environment. 2cts -M