Bug#501020: x11vnc depends on the openssl package
> The debian openssl package is not on x11vnc's dependency list.
At least on Debian package 0.9.3.dfsg.1-1.
I didn't checked previous versions.
And that's a bug.
Below, you'll find the output from our package checker (lintian):
This package appears to be covered by the GNU GPL but depends on the
OpenSSL libssl package and does not mention a license exemption or
exception for OpenSSL in its copyright file. The GPL (including version
3) is incompatible with some terms of the OpenSSL license, and therefore
Debian does not allow GPL-licensed code linked with OpenSSL libraries
unless there is a license exception explicitly permitting this.
If only the Debian packaging, or some other part of the package not
linked with OpenSSL, is covered by the GNU GPL, please add a lintian
override for this tag. Lintian currently has no good way of
distinguishing between that case and problematic packages.
That means if we want to ship X11vnc with ssl support, you should:
- add license exemption or exception for OpenSSL as stated by lintian
- avoid linking against OpenSSL and dlopen it.
I have uploaded X11vnc 0.9.8 without ssl for now.
> It is not clear that openssl is a core debian package that is installed on
> every debian system, is it ?
It is installed on a default Debian system. Its priority is important.
From our policy:
Important programs, including those which one would expect to find on any
Unix-like system. If the expectation is that an experienced Unix person who
found it missing would say "What on earth is going on, where is foo?", it must
be an important package. Other packages without which the system will not
run well or be usable must also have priority important. This does not include
Emacs, the X Window System, TeX or any other large applications. The important
packages are just a bare minimum of commonly-expected and necessary tools.