[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: System libraries and the GPLv2

On 30/03/17 08:05, Andrey Rahmatullin wrote:
> On Wed, Mar 29, 2017 at 11:10:01PM +0200, Carlos Alberto Lopez Perez wrote:
>> Apache 2.0 is compatible with GPLv3 [1] (therefore also with GPLv2+).
> It's more complicated than "therefore also".
> Imagine a GPL2+ program library linked with a GPL2 library. Now also link
> this program with an Apache 2.0 library. What happens?
I agree its more complicated. But usually what happens is this:

For several Linux distributions: nothing happens because they have
already declared OpenSSL a system library.

For Debian: the maintainer reports a bug to the author of the GPLv2
library so they add an exception to link with the OpenSSL. The upstream
maintainer either can't do that because its unable to contact every
author of the software or doesn't care and thinks this is a Debian
specific issue. The Debian maintainer either abandons here or takes into
the task of implementing a patch that uses libgcrypt or similar instead
of OpenSSL. It can happen that the Debian maintainer simply disables the
feature that uses OpenSSL (if that is an option)

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: