On Sun, May 28, 2017 at 04:23:21PM -0400, Leo Famulari wrote:
> GraphicsMagick bundles a large number of 3rd party libraries.
> 
> We should unbundle and remove the ones that we can. For the rest, we
> should try patching their vulnerabilities and leaving code comments
> explaining the situation in the GraphicsMagick package definition.

The GraphicsMagick release tarball doesn't include these bundled
libraries. They are only in the Mercurial checkout.

We did not have to adjust our package very much when switching from the
release tarballs to the Mercurial checkout, so they are probably not
used, and it should not be too hard to unbundle them.