On Sun, 2010-11-07 at 13:18 -0800, tony mancill wrote: > Thank you for the link - I haven't been subscribed to mentors for a while and > so > wasn't aware of Patrik Fimml's RFS or your analysis.
I guess you missed this line on the PTS page: mentors.debian.net has version 2.8.6-1 of this package, you should consider sponsoring its upload. http://packages.qa.debian.org/a/abiword.html > In the general sense, it's kind of disappointing that there are still 13 year > old copies of core functionality like blowfish floating around with licensing > issues. Indeed :( > I haven't looked at alternatives all that closely yet, but it seems > like we need to come up with a DFSG alternative either by disabling the ODc > plugin or porting to/finding an alternate blowfish implementation. For the > latter I'm assuming that libcrypto++-dev is the right choice. (In Googling > about for C++ blowfish implementations, Wei Dai's implementation pops up right > away.) That has a weird license too. Not sure if it is GPL compatible or not, please verify that it is before uploading. Some alternatives: libnss-dev is LGPLv2.1+ or GPLv2+ libgcrypt11-dev is LGPL libmcrypt-dev is LGPL libtomcrypt-dev is public domain libxcrypt-dev is LGPL or more permissive Fedora is standardising on nss. -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part