Hi Jurgen; --- On Thu, 11/24/11, Jürgen Schmidt <[email protected]> wrote:
> > > > > As I had understood it the idea is that we shouldn't > > be using patches as a workaround to do actual coding > > on top of copyleft components, so I guess if the > > components are not on by default that is OK. This > > is still not the best solution, especially for the > > nss code but we can live with it for now. > > And we have tired to upstream our patches but often they > are to specific that they are not accepted or the version > we use too old. > Now that you mention this, the old versions of certain programs are a concern due to security issues :(. I am cheering for hdu's attempt to replace nss with openssl. > We provide both the sources and the patches we have made > and that should be ok from a license perspective. > Yes you are right because it's off by default: builders must be aware that the code they are downloading is (weak) copyleft . cheers, Pedro. ps. (hope you did get that fetch_tarball.sh script, the ML tends to eat attachments).
