Bug#520485: kdelibs: inadequate copyright file prevents binary packages from being legally distributable
Package: kdelibs
Version: 4:3.5.10.dfsg.1-2
Severity: serious
Justification: Policy 12.5
Sune suggested I look at kde packages to see if they have adequate
debian/copyright. I'm sorry but they don't seem to. Although I only
did a very brief check, I see several problems right away. Below are
some of the problems I immediately spotted. I didn't do a full scan
of the source for other license problems, but that clearly needs to be
done.
./kio/kio/ksambashare.cpp:
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License version 2 as published by the Free Software Foundation.
There are many files like this one that are GPLv2 only. The copyright
file refers to /usr/share/common-licenses/GPL which is GPL3+
--
kdelibs-3.5.10/kinit/setproctitle* are distributed under a license not
mentioned in debian/copyright.
--
many files are under a BSD license which explicitly states:
Redistributions in binary form must reproduce the above copyright
but the above copyright isn't duplicated in the binary packages.
oThese copyright statemnts must appear in debian/copyright
---
several files in kdecore/network contain a license not mentioned in
debian/copyright:
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
and the copyright holders are not listed as in the binary packages as
is required for distribution.
---
bye,
stew
-- System Information:
Debian Release: 5.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.28-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages kdelibs depends on:
ii kdelibs-data 4:3.5.10.dfsg.1-1 core shared data for all KDE appli
ii kdelibs4c2a 4:3.5.10.dfsg.1-1+b1 core libraries and binaries for al
kdelibs recommends no packages.
kdelibs suggests no packages.
Reply to: