Bug#1106796: marked as done (busybox-static: statically linked against glibc without a Built-Using: field)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Fri, 30 May 2025 17:49:35 +0000
with message-id <E1uL3rL-00AnSY-P7@fasolo.debian.org>
and subject line Bug#1106796: fixed in busybox 1:1.37.0-5
has caused the Debian Bug report #1106796,
regarding busybox-static: statically linked against glibc without a Built-Using: field
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1106796: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106796
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: busybox-static: statically linked against glibc without a Built-Using: field
• From: Aurelien Jarno <aurel32@debian.org>
• Date: Thu, 29 May 2025 22:53:15 +0200
• Message-id: <[🔎] 174855199546.3761418.1583975140032072180.reportbug@ohm.local>

Package: busybox-static
Version: 1:1.37.0-4
Severity: serious
Justification: Policy 7.8

Dear maintainer,

The busybox-static package provides /usr/bin/busybox which is statically
linked against glibc.

glibc is mostly is mostly licensed under the LGPL, which requires that
the full source code of the incorporating binary package be made
available. According to Debian Policy §7.8 [1] such a binary package
MUST list the glibc source package (and possibly others) in the
Built-Using: field.

Please also note that Build-Using-Static is not (yet?) part of the
Debian Policy, and more importantly that DAK does not know about this
field, so can't use it to retain the older versions in the archive in
order to satisfy the licenses.

Regards
Aurelien

[1] https://www.debian.org/doc/debian-policy/ch-relationships.html#additional-source-packages-used-to-build-the-binary-built-using

--- End Message ---

--- Begin Message ---

• To: 1106796-close@bugs.debian.org
• Subject: Bug#1106796: fixed in busybox 1:1.37.0-5
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Fri, 30 May 2025 17:49:35 +0000
• Message-id: <E1uL3rL-00AnSY-P7@fasolo.debian.org>
• Reply-to: Michael Tokarev <mjt@tls.msk.ru>

Source: busybox
Source-Version: 1:1.37.0-5
Done: Michael Tokarev <mjt@tls.msk.ru>

We believe that the bug you reported is fixed in the latest version of
busybox, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1106796@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated busybox package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 30 May 2025 20:03:19 +0300
Source: busybox
Architecture: source
Version: 1:1.37.0-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 1106796
Changes:
 busybox (1:1.37.0-5) unstable; urgency=medium
 .
   * d/control: switch from Static-Built-Using back to Built-Using
     (Closes: #1106796)
Checksums-Sha1:
 d4b7525c3186367f0b9a19650e809b210269e082 2279 busybox_1.37.0-5.dsc
 8ed006daea86cffbb0d83b2dd17cfd8bb9d45350 64932 busybox_1.37.0-5.debian.tar.xz
 d671c1712fc96b639b4d60d671e904412158ae5c 5965 busybox_1.37.0-5_source.buildinfo
Checksums-Sha256:
 2cfa5463169b552e5427ec9ea4b894fcf7d6bebb14eeb870c0f41945b8111d1f 2279 busybox_1.37.0-5.dsc
 a614a1e4593347650c92f38608041bb774340f11b5d88cc88f4fb566b484adbd 64932 busybox_1.37.0-5.debian.tar.xz
 da17e592a93ee6fa2afff40f5e48d4a761bc9fdc655424bc7a8e536ea9f4f8d1 5965 busybox_1.37.0-5_source.buildinfo
Files:
 150451548aaf466db09808e4918af10a 2279 utils optional busybox_1.37.0-5.dsc
 8e356885ef923f33b13baaaa53a16b14 64932 utils optional busybox_1.37.0-5.debian.tar.xz
 f9eff60befd8d8bb63ab23c16e8defed 5965 utils optional busybox_1.37.0-5_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmg56WMACgkQgqpKJDse
lHiU+RAAuHvQY5lYX76t1wuf/rzee6Z3jm+/qW+gUQ9QEOtIItT+L7zhfFnLKyWA
OrlbzWIlzbRYwKX8FCNS4vpqvrEi5k0qNPELBXhdf10Sqlp0tALp/3C/+H3zROVI
kr1TGb4qnbMU+CkI8X+GKEwOlWjWKbRASc3VGmqWJLz2gL9lF6HspwsxjENvj5ge
a4EInPp5Rg6IcnT9aqP962cqr4mJA2XkS0eQYuN1rClopVYFMiw0hk3dAg/NSFzh
BgfiFTs7td53K8rVvAk5lLjARxB9PgALkAG3vViIY4cWcs9PdbuSqrl99W2d2Fse
SvZQx8LmGTHeBOfeaPwPGgvaHQdBxMy/gGuiLis/pOMSIBYsaEhAgGqVTIK2dPEj
q54RrE0VSn6gpTv26FY86kiEl4Arh9PgB2xRmWXTIGyrV9KYeb0WCMnKgdwNnGZG
TXnkBDT5JKBf4iKLpX8kiovgID84j5h14/pZx+ws7Pdo91Kp3C5P/3LZ3ijbBV6X
tNfa5XRSlzV4nf0xSU0fP6QGep7FNBz3zURlKkyFaR1919PvpFJ0fl2Nu2VWXbxL
5Tx6wGaR1nTvohnGKXl99fGMcngS6fjTAfWTqkluEDTe/DX6smyC+eMDMhvU/u1+
qCydkLhc2GoDdp2aRRQSnDFylmxvevhybxZp0hDjbWdKaSnF0ls=
=jV4Y
-----END PGP SIGNATURE-----

Attachment: pgpwVCqNE3LVu.pgp
Description: PGP signature

--- End Message ---