[Should this thread be carried over to debian-devel?] On Mon, Apr 14, 2003 at 01:25:28PM +0200, Sander Smeenk wrote: > Quoting Wichert Akkerman ([EMAIL PROTECTED]): > > Previously Marek Habersack wrote: > > > What about a case as mine - Pike 7.4 is MPL/GPL/LGPL. How does that look > > > in > > > this situation? > > You might get away with the MPL/LGPL options, but you should probably > > ask for confirmation on debian-legal.
> So, what *am* I supposed to do? Rebuild against libmysqlclient12 > and break licenses? Not rebuild and have an uninstallable snort-mysql? The libmysqlclient10 package (src: libmysqlclient-lgpl) was uploaded to the archive last night, and is now in the hands of the ftpmasters (NEW processing). Packages which must (or choose to) link against the LGPL variant will be installable again soon. I've heard the suggestion a couple of times that we should try to persuade upstream to recant their license change. It's fine with me if people want to do that, but I think this license change was deliberate; and if they can be persuaded, it will still take a fairly long time. Until then, there needs to be an LGPL fork of libmysqlclient, or we need to file RC bugs against almost all MySQL using packages. :-) > Should we massively ask permission to explicitly link against OpenSSL > from the OpenSSL upstream? It was something like that, right? You were > supposed to ask permission to link against OpenSSL. No, the issue is that OpenSSL's license is not GPL compatible; binaries of GPL software linked against OpenSSL are not distributable, because the *GPL* prohibits this when the entire work cannot be distributed under the GPL. This is why you must ask the upstream of your GPL software for a license exception if you need to do this. There's also no wiggle room for "indirect linking" arguments, because Debian is distributed as a cohesive whole: if we distribute GPL app foo linked against LGPL library bar, and Debian's copy of libbar is linked against OpenSSL, you cannot argue that it was not our intent to distribute a copy of foo that depends on OpenSSL -- if it was, we should have provided a copy of libbar that was *not* linked against OpenSSL. Regards, -- Steve Langasek postmodern programmer
pgpFhFlcRpWDq.pgp
Description: PGP signature
