[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: congratulations to our ftp-master team

Anand Kumria <wildfire@progsoc.uts.edu.au> writes:

>> The ffmpeg library in debian is a problem case and probably should not
>> be in there. That issue hasn't been decided yet and till then anything
>> using it stays stuck.
> Really? Excellent then. I would expect that gstreamer0.10-ffmpeg, 
> recently uploaded, to be stuck in NEW for a year (at least) then.
> If it isn't then your theory is wrong.
> What you are saying that is that a sceanario such as:
> 	- a company (e.g. Unisys) asserting a patent on 
> 	- a file format (e.g. GIF) which has 
> 	- a library (e.g. libgif) which is used by
> 	- an application (e.g. gimp)
> should result in further uploads of the gimp being held indefinately in
> the NEW queue until such time as any perceived library patent problem is
> resolved.

If gimp contained the libgif source code then yes. For that and
code/bug duplicating reasons.

So if you run into such a case better make sure not to get gimp into
the NEW queue or it stays there for a while.

> I'd argue that either:
> 	- the library, and all dependant program be removed from the
> 	  archive
> 	- that applications merely linked to the library be allowed in
> 	  but that the library maintainer be asked to remove the
> 	  offending code
> In the spirit of Anthony's blog entry [1], I've CC'd him for an informal
> opinion about that.

Both would be ok. But this case doesn't fall under this. It contains a
copy of the source it seems.

Imho that alone is already grounds for rejection or we create a
situation like zlib where every package had a copy and the same
security exploit.


Reply to: