On Thu, 2 Jan 2003, Ed Wilts wrote: > On Thu, Jan 02, 2003 at 03:28:10PM -0600, [EMAIL PROTECTED] wrote: > > Based on the following information below issued in August of 2002, who do > > you consider the distribitor of the GPL/LGPL violation (note despite the > > claim of working "promptly" that the violation still existed in October): > > > > > Dell preloads various Red Hat operating system products pursuant to > > > agreements between our companies which clearly specify that Red Hat, not > > > Dell, is the distributor. As you know, Red Hat makes the source code > > > for all of its open source software available for free download from > > > www.redhat.com, thus providing a mechanism for compliance with the GNU > > > GPL where the source code is not actually shipped with the binaries. > > > However, you raise a good point that purchasers of the Dell machines > > > preloaded with Red Hat Linux who don't receive a source code CD at time > > > of purchase need to be advised that they may obtain the source code from > > > the Red Hat website. We will work promptly with Dell to correct this > > > situation if it has not already been corrected. > > It appears from what you're stating that Red Hat is guilty since they're > the distributor. However, all they're really guilty of is not providing > a letter - the source code *is* available for free download. You > haven't said what happens if you request your source CDs to be mailed to > you - will Red Hat mail it or not? > > As far as GPL violations go, this looks like a pretty minor one, IMO. > > .../Ed
When requested to provide details where a written notice was provided at the time of distribution, RH could not provide any. When requested to provide the source code on CD for the binaries, the availablity of the web/ftp site was repeated. The request for the CD was not honored since the version of the binaries where out of date and in the case of some of the binaries they reverted their claim of being the distributor. But while the request for the source code was issued in August of 2002, by October of 2002 the same "out of date" version of the binaries where still being distributed by the Dell/Red Hat alliance without a copy of the source code or written notice of source code availablity. How is it that the version can be out of date but still distributed two months later? What happened to the three year availablity clause? How long does a GPL violation need to take place before it stops being "minor"? How many exceptions to the GPL is RH allowed before they are violating too many of the terms? Is it ethical to make announcing being a "friend" to Open Source at an Open Source Security Summit a higher priority than actually honoring the "Open Source" license that the majority of your flagship product is covered by? How many security holes to "open source" products are fixed when neither the source code or a written offer to the source code is offered? They claim to be the "responsible" distributor but couldn't answer the the basic question of where a written notice of source code availablity was provided with the product for the over 50% of 2002 there was no written notice provided. At what point does RH stop being a "friend" to Open Source and is a flat out unresponsible liar that puts marketing claims above actual action? You asked for why I considered RH the distributor as the basis of an attack as to if RH was violating the GPL. I have provided the actual text of where RH has declaired themselves the distributor. You now attack the claim on the basis of if the violation is "minor" or not. Is your defination of GPL violation always an unreachable moving target? -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
