Package: ssh Version: 1:3.6.1p2-8 Severity: serious In the copyright file, it is claimed that: The Debian patch is distributed under the terms of the GPL, which you can find in /usr/share/common-licenses/GPL. If this is true, then there is a license conflict. ssh is linked with libssl0.9.7, which is the openssl library. The terms of the GPL and those of OpenSSL's license conflict and Debian does not consider OpenSSL to fall under the "integral part of the system" exception. See -legal for more information, or better yet, search the archives. One of the copyright notices in the copyright file claims: The 32-bit CRC implementation in crc32.c is due to Gary S. Brown. Comments in the file indicate it may be used for any purpose without restrictions: * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or * code or tables extracted from it, as desired without restriction. which does *absolutely nothing* for Debian. Use (at least in the US) is already explicitly permitted by copyright law. This grants us no rights to distribute, modify, or copy, and so *fails* virtually every provision of the DFSG. This code may have already been replaced, and if so, you can ignore this portion of the bug. I remember seeing something about this on -legal. You may want to investigate whether this is the case. -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux stonewall.crustytoothpaste.ath.cx 2.6.0-test4-1-386 #5 Thu Sep 4 21:30:10 EST 2003 i686 Locale: LANG=C, LC_CTYPE=C (ignored: LC_ALL set to C) Versions of packages ssh depends on: ii adduser 3.51 Add and remove users and groups ii debconf 1.3.14 Debian configuration management sy ii libc6 2.3.2-7 GNU C Library: Shared libraries an ii libpam-modules 0.76-14 Pluggable Authentication Modules f ii libpam0g 0.76-14 Pluggable Authentication Modules l ii libssl0.9.7 0.9.7b-2 SSL shared libraries ii libwrap0 7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.1.4-15 compression library - runtime -- debconf information excluded -- Brian M. Carlson <sandals@crustytoothpaste.ath.cx> 0x560553e7 "Let us think the unthinkable, let us do the undoable. Let us prepare to grapple with the ineffable itself, and see if we may not eff it after all." --Douglas Adams
Attachment:
signature.asc
Description: Digital signature