Your message dated Sat, 21 Jul 2007 13:32:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#393398: fixed in mhash 0.9.7.dfsg-1.1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: mhash
Version: 0.9.7-1
Severity: serious
Hi!
This bug has been filed on multiple packages, and general discussions
are kindly requested to take place on debian-legal or debian-devel in
the thread with Subject: "Non-free IETF RFC/I-Ds in source packages".
It seems this source package contains the following files from the
IETF under non-free license terms:
mhash-0.9.7.orig/doc/md5-rfc1321.txt
The license on RFC/I-Ds is not DFSG-free, see:
* http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199810
* http://release.debian.org/removing-non-free-documentation
* http://wiki.debian.org/NonFreeIETFDocuments
The etch release policy says binary and source packages must each be free:
* http://release.debian.org/etch_rc_policy.txt
The severity is serious, because this violates the Debian policy:
* http://www.debian.org/doc/debian-policy/ch-archive.html#s-dfsg
There are (at least) three ways to fix this problem. In order of
preference:
1. Ask the author of the RFC to re-license the RFC under a free
license. A template for this e-mail request can be found at
http://wiki.debian.org/NonFreeIETFDocuments
2. Remove the non-free material from the source, e.g., by re-packaging
the upstream archive and adding a 'dfsg' version name to it.
3. Move the package to non-free.
I went over many packages looking for names of likely non-free files,
and there may be false positives. If this is the case for your
package, I'm sorry for the noise. I'll modify the scripts to take
into account false positives when I learn of them, and publish the
list of exceptions under "Known exceptions" at
<http://wiki.debian.org/NonFreeIETFDocuments>.
Thanks,
Simon
--- End Message ---
--- Begin Message ---
Source: mhash
Source-Version: 0.9.7.dfsg-1.1
We believe that the bug you reported is fixed in the latest version of
mhash, which is due to be installed in the Debian FTP archive:
libmhash-dev_0.9.7.dfsg-1.1_amd64.deb
to pool/main/m/mhash/libmhash-dev_0.9.7.dfsg-1.1_amd64.deb
libmhash2_0.9.7.dfsg-1.1_amd64.deb
to pool/main/m/mhash/libmhash2_0.9.7.dfsg-1.1_amd64.deb
mhash_0.9.7.dfsg-1.1.diff.gz
to pool/main/m/mhash/mhash_0.9.7.dfsg-1.1.diff.gz
mhash_0.9.7.dfsg-1.1.dsc
to pool/main/m/mhash/mhash_0.9.7.dfsg-1.1.dsc
mhash_0.9.7.dfsg.orig.tar.gz
to pool/main/m/mhash/mhash_0.9.7.dfsg.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Pierre Habouzit <[EMAIL PROTECTED]> (supplier of updated mhash package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 21 Jul 2007 15:19:31 +0200
Source: mhash
Binary: libmhash-dev libmhash2
Architecture: source amd64
Version: 0.9.7.dfsg-1.1
Distribution: unstable
Urgency: low
Maintainer: Chris Hanson <[EMAIL PROTECTED]>
Changed-By: Pierre Habouzit <[EMAIL PROTECTED]>
Description:
libmhash-dev - Library for cryptographic hashing and message authentication
libmhash2 - Library for cryptographic hashing and message authentication
Closes: 393398
Changes:
mhash (0.9.7.dfsg-1.1) unstable; urgency=low
.
* Non-maintainer upload.
* Pruning rfc's from the source package (Closes: 393398).
Files:
7048555e28f9442588ee1222659541c6 602 libs optional mhash_0.9.7.dfsg-1.1.dsc
c955cb466f6f88e18d02c0c49965f087 514678 libs optional
mhash_0.9.7.dfsg.orig.tar.gz
3edd30610e5e60c4ec41c41070c8af3c 80316 libs optional
mhash_0.9.7.dfsg-1.1.diff.gz
cb3a8f5f168ae6f6fa6320f464a93c27 104930 libs optional
libmhash2_0.9.7.dfsg-1.1_amd64.deb
7e1b9d4bf37ca082908f47093b1261e2 123732 libdevel optional
libmhash-dev_0.9.7.dfsg-1.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGogh5vGr7W6HudhwRAnzUAJ4hlw75/AoOQ2FTFg/G6HY8FOJ0VACeKbUu
YPCC79XzOGeG2wf8Un0VcDk=
=msWW
-----END PGP SIGNATURE-----
--- End Message ---
