Your message dated Fri, 29 Jul 2011 18:51:52 -0700 with message-id <20110730015152.GA30850@virgil.dodds.net> and subject line Re: Bug#635994: foo2zjs makes use of embedded, patented libraries has caused the Debian Bug report #635994, regarding foo2zjs makes use of embedded, patented libraries to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 635994: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635994 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: foo2zjs makes use of embedded, patented libraries
- From: Arno Töll <debian@toell.net>
- Date: Sat, 30 Jul 2011 03:14:58 +0200
- Message-id: <[🔎] 20110730011458.6925.8308.reportbug@snowball.fritz.box>
Package: foo2zjs Version: foo2zjs Severity: serious Tags: upstream Justification: violates DFSG, violates should constraint in policy § 4.13 I was told by an anonymous user in #debian on OFTC (logs upon request available), that the foo2zjs package is making use of patentended code, embedded into its source. foo2zjs uses the jbigkit library [1] which in turn consists of paten- ted code [2]. Examples can be found in the following files: * jbig_ar.c * jbig_ar.h * jbig.c * jbig.h all those files cleary state their origin. In addition, the jbigkit library was intented to be packaged for Debian [3] but was never introduced to Debian (as far as I can tell) because of this reason. Considering this unclear code distri- butability and the Debian patent FAQ [4], I hereby request for comments about this issue and possible solutions. Please note the original reporters intention was to include, possibly even package jbigkit for Debian. So his point of view was to either allow jbigkit to be packaged or foo2zjs to be removed (or cleaned of patented bits) for consistency. This seemed feasible to me. I personally am not particularly interested in either package, but would like to have this problem addressed. [1] http://www.cl.cam.ac.uk/~mgk25/jbigkit/ [2] http://www.cl.cam.ac.uk/~mgk25/jbigkit/patents/ [3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466427 [4] http://www.debian.org/reports/patent-faq -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
- To: Arno Töll <debian@toell.net>, 635994-done@bugs.debian.org
- Subject: Re: Bug#635994: foo2zjs makes use of embedded, patented libraries
- From: Steve Langasek <vorlon@debian.org>
- Date: Fri, 29 Jul 2011 18:51:52 -0700
- Message-id: <20110730015152.GA30850@virgil.dodds.net>
- In-reply-to: <[🔎] 20110730011458.6925.8308.reportbug@snowball.fritz.box>
- References: <[🔎] 20110730011458.6925.8308.reportbug@snowball.fritz.box>
On Sat, Jul 30, 2011 at 03:14:58AM +0200, Arno Töll wrote: > Package: foo2zjs > Version: foo2zjs > Severity: serious > Tags: upstream > Justification: violates DFSG, violates should constraint in policy § 4.13 > I was told by an anonymous user in #debian on OFTC (logs upon request > available), that the foo2zjs package is making use of patentended code, > embedded into its source. foo2zjs uses the jbigkit library [1] which in > turn consists of patented code [2]. I am closing this bug with extreme prejudice. As the patent FAQ you've cited explains, *reading patents increases your liability*. Short of a claim from the patent holder that we are distributing something that infringes their patents, the preferred course of action is to *not look at these patents at all*. If and when a patent holder indicates that there is a problem, we should take action to remove the infringing software to protect our downstream users. But until then, we should not attempt to make any determination of whether the software in question infringes a valid software patent. According to the summary page, there is one remaining patent which may be infringed by jbigkit. This patent expires less than a year from now in the US, has already expired elsewhere, and no attempt has been made to enforce patent rights against Debian or its users. So there is no serious bug here. > all those files cleary state their origin. In addition, the jbigkit > library was intented to be packaged for Debian [3] but was never > introduced to Debian (as far as I can tell) because of this reason. The comment in the bug states: > packaging would be straightforward, since there is just a static > library. However I guess the patent issues will keep us from shipping > it in Debian. That is a non-sequitur. Debian does not have a policy of refusing to include software which may be covered by software patents. There is no explanation given in the bug log for why the software was not packaged; it was probably not packaged because RFPs are not a good mechanism for getting software into Debian and no one was interested in maintaining a package for this software. I see nothing to indicate that jbigkit would (or should) be rejected if someone chose to package it separately. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.orgAttachment: signature.asc
Description: Digital signature
--- End Message ---