Package: chocolate-doom Version: 2.1.0-1 Severity: serious Justification: license issue
Chocolate-doom includes code taken from GnuPG, which is GPLv3, whereas chocolate-doom is GPLv2 (or later). Upstream have fixed this by replacing the AES implementation with one from the kernel. See https://github.com/chocolate-doom/chocolate-doom/commit/b3678129fd7bed6c3287ab682819b075e8bf495a For ref, the first commit introducing this code is commit a3b3e15f4eed9aaffc56be69784cd7447cf456de Author: Simon Howard <frag...@gmail.com> Date: Sat Oct 27 06:10:50 2012 +0000 The first released version to include that commit is 2.0.0, meaning only jessie and onwards are impacted. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
