Re: Do we need embargoes for GPL compliance issues?
* Russ Allbery:
> Florian Weimer <email@example.com> writes:
>> * Russ Allbery:
>>> Florian Weimer <firstname.lastname@example.org> writes:
>>>> Do you think Debian should welcome embargoes for GPL compliance
>>>> issues? Security embargoes are a huge pain, but one would hope that
>>>> GPL violations by Linux distributions are much rarer events.
>>> I'm sorry, I think I'm missing some basic context required to make
>>> sense of this question (and therefore I suspect other people on this
>>> list are as well).
>>> What exactly would we be embargoing, and why?
>> See bug #907585 for an example. It occurred to me only afterwards
>> that reporting it publicly (upstream) might be a bit inconvenient for
>> some people (although no one has complained to me directly).
> Hm. I guess I'm not seeing any harm there. The problem only happens if a
> copyright holder sees such a notification and then files a formal notice
> of copyright violation, right?
I suppose so.
Thanks for all the feedback. I was just wondering if I was missing
something. Reporting things publicly immediately is probably easier
for all folks involved, and is probably the only realistic way to get
issues addressed when it comes to linux-firmware upstream. I can't
see reporters wanting to talk to lawyers over the phone during the
course of multiple months, which is what I suppose would happen in
case of private reports, even if the reporter does not have a