GPLed software and OpenSSL
Hi guys,
My work with Renaud and the Nessus team has led me to be more sensitive
to the OpenSSL situation. (Unfortunately, we still don't have a
resolution yet.)
This is why my eyebrows raised when I looked at snort and found
that it had the same problem! We distributed snort-mysql linked with
OpenSSL which we are not allowed to do!
I think it is indicative that there is a huge flaw in the
OpenSSL licensing; specifically, that thrice damned advertising clause.
I decided to take a look at what Reverse Depends on OpenSSL:
sfllaw@SAL9000:~/src/snort-1.8.6$ apt-cache showpkg libssl0.9.6 | grep
'^ ' | wc -l
165
These 165 packages include such GPLed software as: nessus,
snort, wget-ssl, proftpd, kdelibs3-crypto, postgresql, gnustep-ssl,
etc... I'm very disturbed by this discovery, as we would be doing
something illegal by distributing these packages in the upcoming
release. What should we do?
Simon
--
To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: