Re: unknown license for package/debian/* in d/copyright in adopted package
Ian Jacksonwrites: > Do you agree that my mail exchange as found in the sympathy package is > a good example of how to ask these questions, and how to record the > answers ? Ian Jackson writes: > I meant this, which I provided a link to earlier: > https://browse.dgit.debian.org/sympathy.git/tree/COPYING.emails Yes, that's a good record of the conversation. It'd be better IMO if it included each message's Message-ID field, or some other URI for each message so that the parties in the conversation can later verify that it matches their own record of the discussion. Are there messages in that file that could be removed? I typically try to get a single message from the copyright holder, that contains an explicit and unambiguous grant of a specific license. Often that isn't forthcoming as clearly as we might like, because of how the correspondence unfolds. I appreciate that you pressed for that in the discussion for ‘sympathy’. Maybe that's just an example of a case where no one message will clearly show the grant of license, and the whole set needs to be examined. -- \“If it ain't bust don't fix it is a very sound principle and | `\ remains so despite the fact that I have slavishly ignored it | _o__) all my life.” —Douglas Adams | Ben Finney
Re: [licence] specific licenses for backdoor-factory software
On Tue, May 30, 2017 at 8:45 PM, Philippe THIERRY wrote: > The main tool is based on the following license file (LICENSE.txt) : This is almost identical to the 3-clause BSD license, the only change is s/university|regents/copyright holder/ > You may not redistribute aPLib without all of the files. May violate DFSG item 3. > You may not edit or reverse engineer any of the files (except the header > files and the decompression code, which you may edit as long as you do not > remove > the copyright notice). May violate DFSG item 5. > You may not sell aPLib, or any part of it, for money (except for charging > for the media). May violate DFSG item 6. > - Is the main software legaly acceptable for Debian ? The 3-clause BSD license is a very common DFSG-free license. > - Do i need to clean the upstream (deleting aPlib dir) making a dfsg package > or the upstream can be kept in the source package untouched if the aPlib is > not installed in the bin packages ? If you want the source package in Debian main, it must be fully DFSG-free. So your options are to either put the whole thing in non-free, strip the aPlib dir or convince the aPlib copyright holders to release it under a DFSG-free license. -- bye, pabs https://wiki.debian.org/PaulWise
Re: zstd: PATENTS application to copyright
On Tue, May 30, 2017 at 2:56 PM, Ben Finneywrote: > Jeff Epler writes: > >> Apparently, >> https://github.com/facebook/zstd >> https://github.com/facebook/zstd/blob/dev/LICENSE >> https://github.com/facebook/zstd/blob/dev/PATENTS > > Thank you for this, and for the complete text of the conditions. It > allows discussion to be more easily read in the archives of this forum. > > >> Contents of .../LICENSE of this date: >> BSD License >> >> For Zstandard software >> […] > > That is a standard 3-clauses BSD license. It grants all the > DFSG-required freedoms to every recipient. > >> Copyright (c) 2016-present, Facebook, Inc. All rights reserved. > > The “All rights reserved” is legal twaddle AFAICT, because it is then > immediately contradicted by *granting* some rights to the recipient. > > The “Copyright (c) 2016-present” is an overreach. Copyright inheres when > a work is published – fixed in a medium of expression – not forever into > the future, whenever the “present” that the document is being read. > > Neither of those is a DFSG problem, I believe. They do exhibit a > troubling disregard for the proper limits to copyright. > > >> Contents of .../PATENTS of this date: >> Additional Grant of Patent Rights Version 2 >> >> "Software" means the Zstandard software distributed by Facebook, Inc. >> >> Facebook, Inc. ("Facebook") hereby grants to each recipient of the Software >> ("you") a perpetual, worldwide, royalty-free, non-exclusive, irrevocable >> (subject to the termination provision below) license under any Necessary >> Claims, to make, have made, use, sell, offer to sell, import, and otherwise >> transfer the Software. > > I'm less familiar with the effects of wording in patent law. This has > the appearance of granting limited license to exercise patents held by > Facebook. > >> The license granted hereunder will terminate, automatically and >> without notice, if you […] > > What is “hereunder” intended to mean? No license is granted following > that text; the only license granted in this document is *above* (prior > to) this text. > > Does it mean “the license granted below”? If so, it appears to be null, > because there is no such license. > > Does it mean “the license granted in this document”? If so, this clause > is attempting to punish patent attacks with revocation of the patent > license granted above. > > > This clause is activated when the recipient asserts a proprietary idea > patent over some other party's use of that idea. > > I am quite sure the act of asserting software idea patents is not a > freedom anyone is guaranteed in free software; indeed, it is violently > contrary to software freedom. > > So, because it does not appear to limit any DFSG freedom, this clause > appears to me to be no problem for the DFSG. OK, I understand your point. Thanks for your time.
[licence] specific licenses for backdoor-factory software
Hi, I'm currently packaging "backdoor-factory" for the pkg-security team. The tool is already in kali. The upstream sources are hosted here: https://github.com/secretsquirrel/the-backdoor-factory The main tool is based on the following license file (LICENSE.txt) : ---8<--- Copyright (c) 2013-2016, Joshua Pitts All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ---8<--- The upstream sources also contain a subdir (not required for the tool but existing in the upstream git repository), containing the tool aPlib (a compression library). This tool is using the following license (looks like common license), file aPLib/readme.txt: ---8<--- [...] License --- aPLib is freeware. If you use aPLib in a product, an acknowledgement would be appreciated, e.g. by adding something like the following to the documentation: This product uses the aPLib compression library, Copyright (c) 1998-2014 Joergen Ibsen, All Rights Reserved. For more information, please visit: http://www.ibsensoftware.com/ You may not redistribute aPLib without all of the files. You may not edit or reverse engineer any of the files (except the header files and the decompression code, which you may edit as long as you do not remove the copyright notice). You may not sell aPLib, or any part of it, for money (except for charging for the media). #ifndef COMMON_SENSE This software is provided "as is". In no event shall I, the author, be liable for any kind of loss or damage arising out of the use, abuse or the inability to use this software. USE IT ENTIRELY AT YOUR OWN RISK! This software comes without any kind of warranty, either expressed or implied, including, but not limited to the implied warranties of merchantability or fitness for any particular purpose. If you do not agree with these terms or if your jurisdiction does not allow the exclusion of warranty and liability as stated above you are NOT allowed to use this software at all. #else Bla bla bla .. the usual stuff - you know it anyway: If anything goes even remotely wrong - blame _yourself_, NOT me! #endif ---8<--- - Is the main software legaly acceptable for Debian ? - Do i need to clean the upstream (deleting aPlib dir) making a dfsg package or the upstream can be kept in the source package untouched if the aPlib is not installed in the bin packages ? Thanks a lot for your response, -- Philippe THIERRY.
Re: zstd: PATENTS application to copyright
Jeff Eplerwrites: > Apparently, > https://github.com/facebook/zstd > https://github.com/facebook/zstd/blob/dev/LICENSE > https://github.com/facebook/zstd/blob/dev/PATENTS Thank you for this, and for the complete text of the conditions. It allows discussion to be more easily read in the archives of this forum. > Contents of .../LICENSE of this date: > BSD License > > For Zstandard software > […] That is a standard 3-clauses BSD license. It grants all the DFSG-required freedoms to every recipient. > Copyright (c) 2016-present, Facebook, Inc. All rights reserved. The “All rights reserved” is legal twaddle AFAICT, because it is then immediately contradicted by *granting* some rights to the recipient. The “Copyright (c) 2016-present” is an overreach. Copyright inheres when a work is published – fixed in a medium of expression – not forever into the future, whenever the “present” that the document is being read. Neither of those is a DFSG problem, I believe. They do exhibit a troubling disregard for the proper limits to copyright. > Contents of .../PATENTS of this date: > Additional Grant of Patent Rights Version 2 > > "Software" means the Zstandard software distributed by Facebook, Inc. > > Facebook, Inc. ("Facebook") hereby grants to each recipient of the Software > ("you") a perpetual, worldwide, royalty-free, non-exclusive, irrevocable > (subject to the termination provision below) license under any Necessary > Claims, to make, have made, use, sell, offer to sell, import, and otherwise > transfer the Software. I'm less familiar with the effects of wording in patent law. This has the appearance of granting limited license to exercise patents held by Facebook. > The license granted hereunder will terminate, automatically and > without notice, if you […] What is “hereunder” intended to mean? No license is granted following that text; the only license granted in this document is *above* (prior to) this text. Does it mean “the license granted below”? If so, it appears to be null, because there is no such license. Does it mean “the license granted in this document”? If so, this clause is attempting to punish patent attacks with revocation of the patent license granted above. This clause is activated when the recipient asserts a proprietary idea patent over some other party's use of that idea. I am quite sure the act of asserting software idea patents is not a freedom anyone is guaranteed in free software; indeed, it is violently contrary to software freedom. So, because it does not appear to limit any DFSG freedom, this clause appears to me to be no problem for the DFSG. -- \ “No great artist ever sees things as they really are. If he | `\did, he would cease to be an artist.” —Oscar Wilde, _The Decay | _o__) of Lying_, 1889 | Ben Finney
Re: zstd: PATENTS application to copyright
Apparently, https://github.com/facebook/zstd https://github.com/facebook/zstd/blob/dev/LICENSE https://github.com/facebook/zstd/blob/dev/PATENTS Contents of .../LICENSE of this date: BSD License For Zstandard software Copyright (c) 2016-present, Facebook, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name Facebook nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Contents of .../PATENTS of this date: Additional Grant of Patent Rights Version 2 "Software" means the Zstandard software distributed by Facebook, Inc. Facebook, Inc. ("Facebook") hereby grants to each recipient of the Software ("you") a perpetual, worldwide, royalty-free, non-exclusive, irrevocable (subject to the termination provision below) license under any Necessary Claims, to make, have made, use, sell, offer to sell, import, and otherwise transfer the Software. For avoidance of doubt, no license is granted under Facebook’s rights in any patent claims that are infringed by (i) modifications to the Software made by you or any third party or (ii) the Software in combination with any software or other technology. The license granted hereunder will terminate, automatically and without notice, if you (or any of your subsidiaries, corporate affiliates or agents) initiate directly or indirectly, or take a direct financial interest in, any Patent Assertion: (i) against Facebook or any of its subsidiaries or corporate affiliates, (ii) against any party if such Patent Assertion arises in whole or in part from any software, technology, product or service of Facebook or any of its subsidiaries or corporate affiliates, or (iii) against any party relating to the Software. Notwithstanding the foregoing, if Facebook or any of its subsidiaries or corporate affiliates files a lawsuit alleging patent infringement against you in the first instance, and you respond by filing a patent infringement counterclaim in that lawsuit against that party that is unrelated to the Software, the license granted hereunder will not terminate under section (i) of this paragraph due to such counterclaim. A "Necessary Claim" is a claim of a patent owned by Facebook that is necessarily infringed by the Software standing alone. A "Patent Assertion" is any lawsuit or other action alleging direct, indirect, or contributory infringement or inducement to infringe any patent, including a cross-claim or counterclaim.
Re: zstd: PATENTS application to copyright
Mathieu Malaterrewrites: > I cannot find any older thread discussing zstd being in the main > section of Debian, so I am raising the subject just for later > reference. Can you post the URL to the code base being discussed? Also, the full text of the license conditions recipients receive. -- \ “My mind is incapable of conceiving such a thing as a soul. I | `\ may be in error, and man may have a soul; but I simply do not | _o__) believe it.” —Thomas Edison | Ben Finney
zstd: PATENTS application to copyright
Hi there, I cannot find any older thread discussing zstd being in the main section of Debian, so I am raising the subject just for later reference. Could someone please confirm this is acceptable for main, in particular the section: "The license granted hereunder will terminate, ", see below for full reference. Thanks much ! ``` Additional Grant of Patent Rights Version 2 "Software" means the Zstandard software distributed by Facebook, Inc. Facebook, Inc. ("Facebook") hereby grants to each recipient of the Software ("you") a perpetual, worldwide, royalty-free, non-exclusive, irrevocable (subject to the termination provision below) license under any Necessary Claims, to make, have made, use, sell, offer to sell, import, and otherwise transfer the Software. For avoidance of doubt, no license is granted under Facebook’s rights in any patent claims that are infringed by (i) modifications to the Software made by you or any third party or (ii) the Software in combination with any software or other technology. The license granted hereunder will terminate, automatically and without notice, if you (or any of your subsidiaries, corporate affiliates or agents) initiate directly or indirectly, or take a direct financial interest in, any Patent Assertion: (i) against Facebook or any of its subsidiaries or corporate affiliates, (ii) against any party if such Patent Assertion arises in whole or in part from any software, technology, product or service of Facebook or any of its subsidiaries or corporate affiliates, or (iii) against any party relating to the Software. Notwithstanding the foregoing, if Facebook or any of its subsidiaries or corporate affiliates files a lawsuit alleging patent infringement against you in the first instance, and you respond by filing a patent infringement counterclaim in that lawsuit against that party that is unrelated to the Software, the license granted hereunder will not terminate under section (i) of this paragraph due to such counterclaim. A "Necessary Claim" is a claim of a patent owned by Facebook that is necessarily infringed by the Software standing alone. A "Patent Assertion" is any lawsuit or other action alleging direct, indirect, or contributory infringement or inducement to infringe any patent, including a cross-claim or counterclaim. ``` Ref: http://metadata.ftp-master.debian.org/changelogs/main/libz/libzstd/unstable_copyright