On Wed, 27 Mar 2019 11:04:30 +0100 Christoph Berg <m...@debian.org> wrote:> Re: Ansgar Burchardt 2019-03-20 <751a89074fcaa393f2cc26ff676e9e3434ecd706.ca...@43-1.org> > > the OpenSSL ./. GPL problem (if one sees it as a problem) is larger > > than just libpq5: just looking at a small sample of the direct rdeps of > > libssl1.1, one can find the following GPL-licensed programs linking it: > > > > cryptsetup, wesnoth, mydumper, mupdf, gatling, kopete > > > > Also amanda-client, validns as they contain patches in d/patches > > licensed under the GPL. > > > > There are probably lots more, especially when you start looking at > > libraries (and their whole dependency trees). > > > > There is also cups which was reported to switch to Apache-2 which is > > also GPL-2-incompatible... That has lots of rdeps too (including for > > example all GTK applications). > > > > Fedora treats OpenSSL as a "system library"[1]. I would guess they > > might do the same for libcups too. > > > > Ansgar > > > > [1] > > https://fedoraproject.org/wiki/Licensing:FAQ#What.27s_the_deal_with_the_OpenSSL_license.3F > > Reassigning to ftp-master to get an answer on if this is a problem for > Debian, or if we can invoke the system library exception, or other > resolutions. > > Christoph
OpenSSL, cups, and libgcc are considered system libraries now: http://meetbot.debian.net/debian-ftp/2020/debian-ftp.2020-03-13-20.02.html. I guess this issue can be closed.