Re: review of jabberd2 packages

Wed, 14 Jul 2004 17:09:58 -0500 

On Wed, Jul 14, 2004 at 02:48:53PM -0400, Brian Thomas Sniffen wrote:
> "Jamin W. Collins" <[EMAIL PROTECTED]> writes:
> 
> > I'm wondering if any of the frequent -legal posters would mind helping
> > with a review of my proposed Jabberd2 packages.  There was some concern
> > over the original package and the fact that a GPL'd work was linked
> > against OpenSSL.  I understand this concern and the upstream author has
> > been very cooperative in attempting to sort these matters out.  An
> > exception has been added for Jabberd2 to allow linking against OpenSSL,
> > but I would like to try and make sure there aren't any other licensing
> > problems.
> 
> Iff:
> 
> * The entire package is under the GNU GPL version 2
> 
> * and there's an exception to allow linking against OpenSSL
> 
> * And every copyright holder on the package agreed to that exception
>   -- so it doesn't reuse GPL'd code from elsewhere, for example,
>      unless there's also a GPL exception for OpenSSL from the authors
>      of that code.
> 
> THEN the GPL/OpenSSL issue is fine, and there are likely no other
> licensing concerns.

Jabberd2 is indeed licensed under the GPLv2, but the concern I have is
over the various linkings of the package.  The packages depended on by
the various versions of the Jabberd2 builds are:

   libc6
   libidn11
   libmysqlclient12
   libpam0g
   libpq3
   libssl0.9.7
   zlib1g
   libldap2
   libdb4.2

The licenses are as follows (as far as I know):
   
   Sleepycat License?:
   - libdb4.2
   
   BSD:
   x libpq3
   x zlib1g
   
   GPLv2:
   * dpatch
   * debhelper
   - libmysqlclient12
   
   GPLv2 & BSD:
   - libpam0g
   
   OpenLDAP Public License:
   - libldap2
   
   LGPL:
   - libidn11
   - libc6
   
   OpenSSL & SSLeay:
   - libssl0.9.7

The items marked with a * aren't linked in the resulting binaries
(obviously) but are used for the package creation.  I'm not sure how
this effects the licensing considerations if at all.

Those marked with a x seem to resemble BSD license but don't exactly
match the copy found in /usr/share/common-licenses/.

I've attached the copyright files for the packages whose license is not
in /usr/share/common-licenses/ (and those that differ) to this message
(gzip'd to conserve the lists and subscribers bandwidth).

-- 
Jamin W. Collins

Remember, root always has a loaded gun.  Don't run around with it unless
you absolutely need it. -- Vineet Kumar

Attachment: libdb4.2-copyright.gz
Description: Binary data

Attachment: libpam0g-copyright.gz
Description: Binary data

Attachment: libpq3-copyright.gz
Description: Binary data

Attachment: libssl0.9.7-copyright.gz
Description: Binary data

Attachment: zlib1q-copyright.gz
Description: Binary data

Reply via email to