Comment 1 for bug 405623

This is a binary-data compression system, for which security bugs have traditionally been common. Is there a reason this library is being used instead of lzma-dev? I would prefer to have a single lzma library in main, not two.