Re: Maintaining of CodeBlocks
- To: Vincent Cheng <vcheng@debian.org>
- Cc: David Paleino <dapal@debian.org>, Michael Casadevall <sonicmctails@gmail.com>, debian-legal@lists.debian.org
- Subject: Re: Maintaining of CodeBlocks
- From: Alexander Gerasiov <gq@debian.org>
- Date: Tue, 31 May 2016 13:26:11 +0300
- Message-id: <[🔎] 20160531132611.350c81cc@brick.gerasiov.net>
- In-reply-to: <CACZd_tCPnTH672W0T8z4Mm0SmUA+z+U+N0XcNakVKL7-R8M+fg@mail.gmail.com>
- References: <20160201011730.5fa384a2@brick.gerasiov.net> <CACZd_tB-85w=AmUbcG57RZ1b9knX-8y+_ckHiraX8zMx0j_d9w@mail.gmail.com> <20160201161159.35db18f0@brick.gerasiov.net> <CACZd_tDHXa1Yu5hgr3UYVtFiYjh-VX7z3VLv=RHk_8i77ZD96g@mail.gmail.com> <20160215031818.1a63226a@brick.gerasiov.net> <CACZd_tCPnTH672W0T8z4Mm0SmUA+z+U+N0XcNakVKL7-R8M+fg@mail.gmail.com>
Hello Vincent,
On Fri, 20 May 2016 02:01:11 -0700
Vincent Cheng <vcheng@debian.org> wrote:
> Hi Alexander,
>
> Sorry about the late reply..."next week" turned into "a few months
> later", but better late than never, right?
Yeah! Good work. I was interrupted with other tasks and had no time to
finish this since that.
[...]
> I've gone ahead and merged your WIP branch as well as finish dealing
> with everything left in copyright.TODO, dealing with BTS patches,
> lintian issues, etc., and I think everything is ready for upload now
> except for that DFSG violation you pointed out:
>
> WARNING: DFSG violation in
> src/plugins/contrib/source_exporter/wxPdfDocument/src/pdfencrypt.cpp
> src/plugins/contrib/source_exporter/wxPdfDocument/src/pdfxml.cpp
>
> License: RDS-Data-Security
> License to copy and use this software is granted provided that
> it is identified as the "RSA Data Security, Inc. MD5 Message
> Digest Algorithm" in all material mentioning or referencing this
> software or this function.
> .
> License is also granted to make and use derivative works
> provided that such works are identified as "derived from the RSA
> Data Security, Inc. MD5 Message Digest Algorithm" in all
> material mentioning or referencing the derived work.
1. I believe this clause forces Debian to mention RSA Data Security on
every html page and in every place where CodeBlock is mentioned. Isn't
it?
2. Your main code is GPL v3 (note, 3d version, not 3+, because there
are several files which don't allow "any later version"). But GPL is
not compatible with such advertising clauses, see famous BSD-4 vs GPL
example: http://www.gnu.org/licenses/license-list.html#OriginalBSD
I cc debian-legal, these guys will correct me, if I'm wrong.
> .
> RSA Data Security, Inc. makes no representations concerning
> either the merchantability of this software or the suitability
> of this software for any particular purpose. It is provided "as
> is" without express or implied warranty of any kind.
> .
> These notices must be retained in any copies of any part of this
> documentation and/or software.
>
> However, I don't think that's actually a DFSG violation. The
> RDS-Data-Security license allows for free use, copying, redistribution
> and derivative works; I don't think any of its clauses are violating
> DFSG. Also, several other packages in Debian main seem to include
> source files that use this license, e.g. erlang [1] or ftpmirror [2].
> Can you explain why you think it's a DFSG violation?
>
> Regards,
> Vincent
>
> [1]
> http://metadata.ftp-master.debian.org/changelogs/main/e/erlang/unstable_copyright
> [2]
> http://metadata.ftp-master.debian.org/changelogs/main/f/ftpmirror/unstable_copyright
I think we should replace this MD5 implementation with any other free
one. (And send patch to upstream, because they are also affected.)
--
Best regards,
Alexander Gerasiov
Contacts:
e-mail: gq@cs.msu.su Homepage: http://gerasiov.net Skype: gerasiov
PGP fingerprint: 04B5 9D90 DF7C C2AB CD49 BAEA CA87 E9E8 2AAC 33F1
Reply to: