Bug#469106: lintian: False positive for possible-gpl-code-linked-with-openssl
Andrew Pollock <apollock@debian.org> writes:
> Package: lintian
> Version: 1.23.28
> Severity: normal
>
> Lintian produces a false "possible-gpl-code-linked-with-openssl" warning
> for packages that are not GPL licensed, but contain the magic
> "/usr/share/common-licenses/GPL" string in their copyright file because
> the packaging is GPL licensed.
>
> The debian/copyright file in question is attached.
Unfortunately, I don't know of a good way to detect this case and still
maintain the check absent a machine-parsable copyright format that
specifies exactly which files are under which license. (The check was
specifically requested by Joerg with his ftp-master hat on.) It's a tough
edge case.
I will note that one could argue that this case (packaging copyrighted
under the GPL, package copyrighted under a more permissive license,
package linked with OpenSSL) is inherently fragile from a legal
standpoint. If as part of that packaging you introduce source code
modifications, the GPL says that the resulting combined work must be
distributed under the GPL, at which point there is a conflict with the
OpenSSL license. This isn't the case, of course, if the packaging doesn't
introduce any code linked with the final binaries, so this is mostly a
theoretical concern.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: