Re: review of jabberd2 packages

To: debian-legal@lists.debian.org
Subject: Re: review of jabberd2 packages
From: "Jamin W. Collins" <jcollins@asgardsrealm.net>
Date: Wed, 14 Jul 2004 16:09:11 -0600
Message-id: <[🔎] 20040714220911.GX9485@cerberus>
Mail-followup-to: debian-legal@lists.debian.org
In-reply-to: <[🔎] 87zn62mnl6.fsf@aule.evenmere.org>
References: <[🔎] 20040714000015.GG9485@cerberus> <[🔎] 87zn62mnl6.fsf@aule.evenmere.org>

On Wed, Jul 14, 2004 at 02:48:53PM -0400, Brian Thomas Sniffen wrote:
> "Jamin W. Collins" <jcollins@asgardsrealm.net> writes:
> 
> > I'm wondering if any of the frequent -legal posters would mind helping
> > with a review of my proposed Jabberd2 packages.  There was some concern
> > over the original package and the fact that a GPL'd work was linked
> > against OpenSSL.  I understand this concern and the upstream author has
> > been very cooperative in attempting to sort these matters out.  An
> > exception has been added for Jabberd2 to allow linking against OpenSSL,
> > but I would like to try and make sure there aren't any other licensing
> > problems.
> 
> Iff:
> 
> * The entire package is under the GNU GPL version 2
> 
> * and there's an exception to allow linking against OpenSSL
> 
> * And every copyright holder on the package agreed to that exception
>   -- so it doesn't reuse GPL'd code from elsewhere, for example,
>      unless there's also a GPL exception for OpenSSL from the authors
>      of that code.
> 
> THEN the GPL/OpenSSL issue is fine, and there are likely no other
> licensing concerns.

Jabberd2 is indeed licensed under the GPLv2, but the concern I have is
over the various linkings of the package.  The packages depended on by
the various versions of the Jabberd2 builds are:

   libc6
   libidn11
   libmysqlclient12
   libpam0g
   libpq3
   libssl0.9.7
   zlib1g
   libldap2
   libdb4.2

The licenses are as follows (as far as I know):

   Sleepycat License?:
   - libdb4.2

   BSD:
   x libpq3
   x zlib1g

   GPLv2:
   * dpatch
   * debhelper
   - libmysqlclient12

   GPLv2 & BSD:
   - libpam0g

   OpenLDAP Public License:
   - libldap2

   LGPL:
   - libidn11
   - libc6

   OpenSSL & SSLeay:
   - libssl0.9.7

The items marked with a * aren't linked in the resulting binaries
(obviously) but are used for the package creation.  I'm not sure how
this effects the licensing considerations if at all.

Those marked with a x seem to resemble BSD license but don't exactly
match the copy found in /usr/share/common-licenses/.

I've attached the copyright files for the packages whose license is not
in /usr/share/common-licenses/ (and those that differ) to this message
(gzip'd to conserve the lists and subscribers bandwidth).

-- 
Jamin W. Collins

Remember, root always has a loaded gun.  Don't run around with it unless
you absolutely need it. -- Vineet Kumar

Attachment: libdb4.2-copyright.gz
Description: Binary data

Attachment: libpam0g-copyright.gz
Description: Binary data

Attachment: libpq3-copyright.gz
Description: Binary data

Attachment: libssl0.9.7-copyright.gz
Description: Binary data

Attachment: zlib1q-copyright.gz
Description: Binary data

Reply to:

Follow-Ups:
- Re: review of jabberd2 packages
  - From: Matthew Palmer <mpalmer@debian.org>

References:
- review of jabberd2 packages
  - From: "Jamin W. Collins" <jcollins@asgardsrealm.net>
- Re: review of jabberd2 packages
  - From: Brian Thomas Sniffen <bts@alum.mit.edu>

Prev by Date: Re: Clarification of redistribution
Next by Date: Re: handling Mozilla with kid gloves [was: GUADEC report]
Previous by thread: Re: review of jabberd2 packages
Next by thread: Re: review of jabberd2 packages
Index(es):
- Date
- Thread