Your message dated Wed, 18 Oct 2006 03:02:10 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#393400: fixed in nettle 1.14.1-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: nettle
Version: 1.14-1
Severity: serious
Hi!
This bug has been filed on multiple packages, and general discussions
are kindly requested to take place on debian-legal or debian-devel in
the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".
It seems this source package contains the following files from the
IETF under non-free license terms:
nettle-1.14.orig/testsuite/rfc1750.txt
The license on RFC/I-Ds is not DFSG-free, see:
* http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
* http://release.debian.org/removing-non-free-documentation
* http://wiki.debian.org/NonFreeIETFDocuments
The etch release policy says binary and source packages must each be free:
* http://release.debian.org/etch_rc_policy.txt
The severity is serious, because this violates the Debian policy:
* http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg
There are (at least) three ways to fix this problem. In order of
preference:
1. Ask the author of the RFC to re-license the RFC under a free
license. A template for this e-mail request can be found at
http://wiki.debian.org/NonFreeIETFDocuments
2. Remove the non-free material from the source, e.g., by re-packaging
the upstream archive and adding a 'dfsg' version name to it.
3. Move the package to non-free.
I went over many packages looking for names of likely non-free files,
and there may be false positives. If this is the case for your
package, I'm sorry for the noise. I'll modify the scripts to take
into account false positives when I learn of them, and publish the
list of exceptions under "Known exceptions" at
<http://wiki.debian.org/NonFreeIETFDocuments>.
Thanks,
Simon
--- End Message ---
--- Begin Message ---
Source: nettle
Source-Version: 1.14.1-1
We believe that the bug you reported is fixed in the latest version of
nettle, which is due to be installed in the Debian FTP archive:
libnettle-dev_1.14.1-1_amd64.deb
to pool/main/n/nettle/libnettle-dev_1.14.1-1_amd64.deb
libnettle2_1.14.1-1_amd64.deb
to pool/main/n/nettle/libnettle2_1.14.1-1_amd64.deb
nettle-bin_1.14.1-1_amd64.deb
to pool/main/n/nettle/nettle-bin_1.14.1-1_amd64.deb
nettle_1.14.1-1.diff.gz
to pool/main/n/nettle/nettle_1.14.1-1.diff.gz
nettle_1.14.1-1.dsc
to pool/main/n/nettle/nettle_1.14.1-1.dsc
nettle_1.14.1.orig.tar.gz
to pool/main/n/nettle/nettle_1.14.1.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Marek Habersack <[EMAIL PROTECTED]> (supplier of updated nettle package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 18 Oct 2006 09:47:03 +0200
Source: nettle
Binary: libnettle-dev nettle-bin libnettle2
Architecture: source amd64
Version: 1.14.1-1
Distribution: unstable
Urgency: low
Maintainer: Marek Habersack <[EMAIL PROTECTED]>
Changed-By: Marek Habersack <[EMAIL PROTECTED]>
Description:
libnettle-dev - low level cryptographic library (development files)
libnettle2 - low level cryptographic library
nettle-bin - low level cryptographic library (binary tools)
Closes: 393400
Changes:
nettle (1.14.1-1) unstable; urgency=low
.
* Removed non-DFSG file from the archive and disabled the
corresponding test case
* Source package contains non-free IETF RFC/I-D's (Closes: #393400)
* Since there is no upstream release available, a "fake" version number
is added to the version.
Files:
ad3ae2651bd33fa392d9e7fec2d257b3 612 libs optional nettle_1.14.1-1.dsc
fda1e0e757551a8b04c74cc107d0bb9d 787989 libs optional nettle_1.14.1.orig.tar.gz
864c9b0541cf965cef688200ba05e63b 22280 libs optional nettle_1.14.1-1.diff.gz
ba718656bd89f9524926dbcc51a5aee2 132628 libs optional
libnettle2_1.14.1-1_amd64.deb
1b4d9ddbe7512a08d430e672786531df 433112 libdevel optional
libnettle-dev_1.14.1-1_amd64.deb
504f42ed11b91c288757d6b7aa0d4845 53470 misc optional
nettle-bin_1.14.1-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFFNfosq3909GIf5uoRAq2IAJ46Pla9pMZ0o9FfDHYdyTXxPf2NewCfXGpR
5Vv1g8/5JNcwcR79L84xdBw=
=LOIN
-----END PGP SIGNATURE-----
--- End Message ---
