Re: [Fedora-legal-list] CAcert.org license
by Tom Callaway
On Tue, 2008-12-09 at 23:03 +0100, Matthias Saou wrote:
> > >>>>> "TC" == Tom \"spot\" Callaway <Tom> writes:
> > TC> Given that it does not give permission for us to redistribute (the
> > TC> cornerstone requirement for Content licenses), this license is not
> > TC> acceptable for Fedora.
> > I guess I'm glad I looked before approving the package, but I have to
> > wonder: Do the cacert folks actually want anyone to use their
> > certificates? I mean, this prevents basically everyone from using
> > them, because they can't come with the OS or the browser.
> Personally, the more I read the document, the more I'm confused.
> "You may NOT distribute certificates or root keys under this
> licence"... does this mean we can distribute under a different license?
Well, sortof. The wording here is strange because you can get a
different license from the CA issuer. We can't just pick a license, but
the CA issuer might be willing to give us a different one.
> Would it be worth getting in contact with CAcert.org in order to try
> and have them allow us to redistribute the root certs under conditions
> which are acceptable to the Fedora Project?
Probably, yes. :)
7 years, 1 month
by T.C. Hollingsworth
winetricks  is free software, but I was originally under the
impression that it was ineligible for inclusion in Fedora because it
is used primarily to download and install non-free software. (That is
not it's only function, though--it also does some registry hacks and
can manage multiple WINEPREFIXes.)
However, some members of the community disagree  and say that it
might be eligible for Fedora, so we'd like confirmation one way or the
7 years, 7 months
UROnode licensing question
by Jaroslav Skarvada
I wanted to package UROnode, it seemed to be GPLv2+ licensed amateur radio
software (mirror ), but I came across the following weird text in the
package (in addition to the GPLv2 text):
> URONode is free to use around the globe with the exception of:
> anywhere in or by the Commonwealth of Massachusetts
> anywhere in or by the Commonwealth of Pennsylvania
> Because of their tactics, any of my software is not to be used in these two
> states. Your cooperation is appreciated..
> - N1URO
can be such package included in Fedora?
thanks & regards
8 years, 3 months
Ambiguous license stated by upstream
by Eduardo A. Mayorga
I came into this issue while I was reviewing python-gitapi in BZ. The
author does not include a license file in the sources, and even worse,
one can read this in the README file:
Copyright (c) Fredrik Håård
Do whatever you want, don't blame me. You may also use this software as
licensed under the MIT or BSD licenses, or the more permissive license
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so:
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
This looks like a MIT variant. The packager patched the package adding a
MIT license copy. I'm not sure what to do about this. I added FE-Legal
as blocking bug to the package review ticket. I hope you can give me
8 years, 6 months
Linking of GPL-only and GPL-incompatible libraries
by Florian Weimer
What's Fedora's stance on linking GPL-only libraries into the same
process as a library which is considered GPL-incompatible (such as
4-clause BSD) if this linking happens rather indirectly?
We currently link psql against both libreadline and libcrypto/libssl
(OpenSSL), so if that is okay, more indirect linking should be
acceptable as well.
However, I'm not sure I'd appreciate that if I were a GPL-only library
author who chose that license deliberately (perhaps even with a desire
to sell alternative licensing), and some intermediate libraries makes my
work available under a more permissive license, only wrapped in a
different programming interface.
Florian Weimer / Red Hat Product Security Team
8 years, 7 months
License field: linked libraries considered?
by Jerry James
I maintain a package whose sources are mostly MIT (with a couple of files
under a BSD license, and one under the Boost license). Upstream just
wrote to tell me that the License field on the package is wrong, because it
contains binaries that are linked with glpk, which is GPLv3. They argue
that the binary package should therefore carry a "GPLv3" license tag,
unless I elect to build it without glpk support (which is optional), in
which case the current License tag of "MIT and BSD and Boost" would be
Is that true? Do we consider library licenses when filling in the License
tag of a package? It would be even worse than that, really, some kind of
transitive closure of all licenses on dependencies of all depths, where
some licenses "taint" the consuming package's license and some don't.
I do not see an answer to this question on
https://fedoraproject.org/wiki/Packaging:LicensingGuidelines. Thanks for
8 years, 7 months
License tag for the minimal BSD license
by Florian Weimer
What's the appropriate license tag for this license?
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
It's the ISC license minus the disclaimer. Is it still appropriate to
BTW, I noticed that Licensing:Main on the wiki has a dead link for the
ISC license. The new URL seems to be:
Florian Weimer / Red Hat Product Security
8 years, 7 months