severity 291658 normal retitle 291658 nessus-plugins: Some NASL plugins in release 2.2.2a (and later) are non-free thanks
On Sat, Jan 22, 2005 at 08:26:39AM +0100, Florian Weimer wrote: > > Upstream claims that large parts of nessus-plugins has never been > licensed under the GPL. The copyright status of many NASL scripts is > indeed very unclear. This claim only applies to post-2.2.2a releases, as you can see from the COPYING license of all the ftp sources in nessus.org (pre-2.2.2a). Upstream (that is, Renaud Deraison) has not changed those. So they still apply. Moreover, the copyright status of the NASL scripts is not unclear (copyright holders are stated for all of the scripts). The license status, however, has changed for some of the NASL scripts in 2.2.2a (and 2.3). For previous releases the "Nessus Script License" = GPL. Debian currently distributes 2.2.2 BTW. > The new upstream license does not give permission to redistribute, so > it's not suitable for non-free either. Correct, the _new_ one, which does not apply retroactively to all other versions (note again that upstream has not changed the copyright statements in those). That's why I haven't packaged 2.2.2a yet. I will probably repackage that version with only a _very_ limited number of plugins and tell users to go and download them if they want the non-free scripts. In any case, if you are interested upstream has not contacted the writers of some NASL scripts (me included) before re-licensing them. So this relicensing might not even be valid in some cases, only for those plugins which are copyrighted by Tenable or Renaud (the majority, however As I said before for the 2.3 release I will repackage the NASL scripts and only provide in the archive those that have been determined to be free (i.e. GPL or BSD licensed). Regards Javier
signature.asc
Description: Digital signature
