Re: Dual licensed LGPL2.1/GPL3 linking to GPL3 with OpenSSL exception
On 28/02/15 02:31, Riley Baird wrote: Hi -legal! I was reviewing a package classified-ads for Debian, and I noticed a potential problem in the process. Namely, the author of the program has decided to use GPL3 with the OpenSSL exception. However, they have taken some files from Nokia which are dual licensed under either LGPL2.1 or GPL3. I think that since Nokia did not make the OpenSSL exception, Debian cannot legally distribute the result. However, I assume that it would be okay if the maintainer decided to change their license to LGPL2.1. Can someone confirm whether all of this is correct? The project is here: https://github.com/operatornormal/classified_ads/ and the Nokia-licensed files are here: https://github.com/operatornormal/classified_ads/tree/master/textedit Yours thankfully, Riley Baird Or they could keep the files from Nokia under LGPL2.1, and use GPL3+openssl exception for the rest of the files. Given that they have proper headers, I don't see a problem with that, although I would mention that in the readme. PS: I don't see the OpenSSL exception anywhere there. -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54f1e526.3060...@gmail.com
Re: Bug#779377: Dual licensed LGPL2.1/GPL3 linking to GPL3 with OpenSSL exception
Or they could keep the files from Nokia under LGPL2.1, and use GPL3+openssl exception for the rest of the files. Given that they have proper headers, I don't see a problem with that, although I would mention that in the readme. But what license would the work as a whole be distributed as, then? PS: I don't see the OpenSSL exception anywhere there. It's in the debian directory, but I agree that it could be made more clear. pgpYGlpUtxqd0.pgp Description: PGP signature
Re: Bug#779377: Dual licensed LGPL2.1/GPL3 linking to GPL3 with OpenSSL exception
On 01/03/15 00:05, Riley Baird wrote: Or they could keep the files from Nokia under LGPL2.1, and use GPL3+openssl exception for the rest of the files. Given that they have proper headers, I don't see a problem with that, although I would mention that in the readme. But what license would the work as a whole be distributed as, then? I see your problem now. Silly conflicts between opensource licenses. Maybe LGPL2.1 can be upgraded to GPL3+openssl exception? It fits the spirit of those licenses, but I don't know if that'd actually be possible from a legal POV. A LGPL2.1 library can be used in a binary under GPL3+openssl exception since section 6 states: «you may also combine or link a work that uses the Library with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications» but I don't think you can apply GPL + openssl exception terms to a LGPL work since IMHO that would no longer be the ordinary GNU General Public License. Another option would be to relicense the program adding a LGPL linking exception, too. If upstream doesn't mind relicensing under LGPL (per #25), I would recommend doing so, as that will be much clearer. About Lenin photograph: Don't concern about imaginary countries. Copyright is sufficiently complex with the existing ones :) It's over 50 years pma which seems to be the copyright duration in Russia. And for US, which is not following the shorter term rule of the Berne Convention, it's also PD for being published before 1923. I don't think it would be a problem, but IAANAL. -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54f2634b.1020...@gmail.com
Dual licensed LGPL2.1/GPL3 linking to GPL3 with OpenSSL exception
Hi -legal! I was reviewing a package classified-ads for Debian, and I noticed a potential problem in the process. Namely, the author of the program has decided to use GPL3 with the OpenSSL exception. However, they have taken some files from Nokia which are dual licensed under either LGPL2.1 or GPL3. I think that since Nokia did not make the OpenSSL exception, Debian cannot legally distribute the result. However, I assume that it would be okay if the maintainer decided to change their license to LGPL2.1. Can someone confirm whether all of this is correct? The project is here: https://github.com/operatornormal/classified_ads/ and the Nokia-licensed files are here: https://github.com/operatornormal/classified_ads/tree/master/textedit Yours thankfully, Riley Baird pgplDAUTF5zTV.pgp Description: PGP signature
