From: Andreas Metzler <ametzler@downhill.at.eu.org> Date: Sat, 1 Mar 2008 10:27:13 +0100 > > lynx uses the GnuTLS OpenSSL wrapper library. The license of this > library has been changed from GPLv2+ to GPLv3+ in version 2.2.0 and > later. lynx itself is GPLv2 (without "or later" clause). GPLv2 and > GPLv3+ are incompatible. > > This has already been submitted upstream > http://news.gmane.org/find-root.php?message_id=%3cf7a755%2d7ch.ln1%40argenau.downhill.at.eu.org%3e > > Until lynx has been changed to use GnuTLS' native interface it may not > be linked aginst GnuTLS. Perhaps, this might work, I have not checked > license or availablity in Debian: > http://news.gmane.org/find-root.php?message_id=%3c47AAC530.2020405%40redhat.com%3e > cu andreas > I'm no lawyer, so my analysis may be wrong, but: * The illegality of any linkage between lynx and the gnutls openssl wrapper is based on lynx (binary or source) being a derivative work of said wrapper * lynx is capable of being built against the older version, and may well have been in the most recent binary packages * Moreover, as the gnutls openssl wrapper is designed to emulate another interface, packages based on either shouldn't be considered a derivative work * GPLv2 and GPLv3 both allow the user to do anything they want to the software providing no distribution takes place * Therefore since lynx works against the older version, it cannot be said to be a derivative work in non-dynamically linked form, and moreover the dynamically linked image in the user's memory is authorized by the aforementioned non-distribution rule (GPL-2 section 0 para 2, GPL-3 section 2, para 2) Therefore, although the current situation may be undesirable in the long run, it ought to be not in violation of either licence, right? That said it's probably untenable enough to warrant an RC bug, but I'm curious as to if there's any gaping hole in my logic :) Please CC on replies; I'm not subscribed to debian-legal. Thanks, Bryan Donlan
Attachment:
signature.asc
Description: Digital signature