[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Do we need embargoes for GPL compliance issues?

* Russ Allbery:

> Florian Weimer <fw@deneb.enyo.de> writes:
>> * Russ Allbery:
>>> Florian Weimer <fw@deneb.enyo.de> writes:
>
>>>> Do you think Debian should welcome embargoes for GPL compliance
>>>> issues?  Security embargoes are a huge pain, but one would hope that
>>>> GPL violations by Linux distributions are much rarer events.
>
>>> I'm sorry, I think I'm missing some basic context required to make
>>> sense of this question (and therefore I suspect other people on this
>>> list are as well).
>
>>> What exactly would we be embargoing, and why?
>
>> See bug #907585 for an example.  It occurred to me only afterwards
>> that reporting it publicly (upstream) might be a bit inconvenient for
>> some people (although no one has complained to me directly).
>
> Hm.  I guess I'm not seeing any harm there.  The problem only happens if a
> copyright holder sees such a notification and then files a formal notice
> of copyright violation, right?

I suppose so.

Thanks for all the feedback.  I was just wondering if I was missing
something.  Reporting things publicly immediately is probably easier
for all folks involved, and is probably the only realistic way to get
issues addressed when it comes to linux-firmware upstream.  I can't
see reporters wanting to talk to lawyers over the phone during the
course of multiple months, which is what I suppose would happen in
case of private reports, even if the reporter does not have a
copyright interest.
Reply to: