Re: Copyright issue in rush_1.7+dfsg-1.
On 15/08/2012 15:34, Mats Erik Andersson wrote:
>
> the initial release of rush_1.7+dfsg-1 happened a year ago.
> The package has a minute user base, but when I returned to the
> package recently I happened to notice that there was a clear
> mistake in the recording of copyright terms for one of the
> files. The published package claims GPL, whereas a scrutiny
> of the text reveals a custom license, very close to a public
> domain attribution, intended to allow linking with LGPL.
> My sponsor Sven Hoexter suggests that this might be classified
> as a release critical deviation. Presently he has uploaded
> the package to "experimental" while we await guidance from
> this list.
>
> However, the updated packaging rush_1.7+dfsg-2, which I have
> uploaded to "debian.mentors.net", happens to also address the
> hardened build of the contained binary executables. It is
> a priori not obvious that this composite package update would
> qualify for inclusion in the upcoming release, this late in
> the process. Personally I regard the hardening valuable to
> a security relevant service like GNU Rush, so I now seek
> conclusive advice on this matter, as to the prospects of
> unblocking the package and getting it into "testing".
>
Sorry for the delay.
I guess we could accept the changes made in the copyright file (as it
counts as a documentation fix), but we prefer to not have further
changes in the package.
HTH,
--
Mehdi Dogguy مهدي الدڤي
Reply to: