On 24/04/12 17:25, Thorsten Glaser wrote: > Hi all, > > this bug has been brought to my attention by my boss today. > If I understand the situation correctly, the problem is: > > • OpenLDAP links against GnuTLS (gnutls26) > • gnutls26 links against gcrypt, which has the bug > • gnutls28 links against nettle, but also gmp which is LGPLv3+ > • OpenLDAP thus can’t link against gnutls28, as it has reverse > dependencies that are not LGPLv3-/GPLv3-compatible > • the package affected is libnss-ldap though >
Which ones are the reverse dependencies of libnss-ldap or OpenLDAP that are LGPLv3+ incompatibles? According to [1], the only combination forbidden is GPLv2 (LGPLv2 and LGPLv2.1 is allowed per point 3. of the license, explained also on [1] ). Looking at the recursive reverse dependencies of libnss-ldap [2] I fail to find any package that is GPLv2 only. If there isn't any GPLv2 reverse dependency, then OpenLDAP can be just recompiled to link against gnutls28 and this long standing bug will be fixed. Thoughts? Regards! -------- [1] https://bugzilla.redhat.com/show_bug.cgi?id=986347 [2] $ apt-rdepends libnss-ldap
signature.asc
Description: OpenPGP digital signature
