On 2014-05-09 22:41:44 [+0200], Andreas Cadhalpun wrote: > Hi, Hi, > On 09.05.2014 22:01, Andreas Cadhalpun wrote: > >I'm currently looking at updating debian/copyright. > > I think we have a major problem here: None of clamav's reverse-dependencies > (c-icap-modules, dansguardian, havp, python-clamav) have an OpenSSL > exception. > > I have no clue about how to procede, now that clamav depends on openssl. > > Any ideas? > > Besides COPYING contains: > REGARDING OPENSSL > > In addition, as a special exception, the copyright holders give > permission to link the code of portions of this program with the > OpenSSL library under certain conditions as described in each > individual source file, and distribute linked combinations > including the two. > > I'm not sure, if this is a wide enough exception, particular as many files > (in the libclamav directory) include OpenSSL headers, but only a few (e.g. > crypto.c and crypto.h) have an OpenSSL exception in the file, as required by > above general notice. And even in those files this exception doesn't explain > the 'certain conditions', but is rather a copy of above notice. > > I'm no lawyer, but this seems to be problematic.
This is just great. Why didn't they use gnutls / libgcrypto library? I've been lookin at reverting that openssl crypto patch, it looks like a big mess but I think mostly because even those which are unrelated. They also use the openssl code in 7z for instance. Not sure how much of this is okay. Mommy? > Best regards, > Andreas Sebastian _______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel
