On Tue, Oct 20, 2020 at 06:43:16PM +0200, Jonas Smedegaard wrote: > Quoting Michael Biebl (2020-10-20 16:23:20) > > Am 20.10.20 um 15:16 schrieb Jonas Smedegaard: > > > This was just now brought to my attention: > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924937#105 > > > > > > Do I understand correctly that Debian now ignore OpenSSL > > > incomatibilities with GPL? > > > > > > I.e. do we no longer need to either a) seek special exception for > > > each and every piece of GPL-licensed code linking with current or > > > older OpenSSL code, or b) patch such code to instead link with some > > > alternative crypto library, or c) wait for relicensd OpenSSL 3.0.0? > > > > > > > Yeah. I guess an official email from the ftp-master team regarding > > this issue would be a good idea. > > > > Fwiw, I think this this is a reasonable decision by the ftp-master > > team and I support it. > > It would certainly be good to have an official clarification. > > As I understand it, the conflict is that OpenSSL requires advertising > and GPL¹ requires no other requirements than those defined by GPL. > > It would therefore be quite relevant, I think, to have clarified if > Debian a) considers the OpenSSL requirement void, or b) considers the > GPL restriction about added requirements void². Debian considers OpenSSL a "system library"/"major component" as defined in GPL2 para 3 and GPL3 para 1, which lifts some requirements. -- WBR, wRAR
Attachment:
signature.asc
Description: PGP signature