Bug#699892: [Pan-devel] Seeking advice on Pan license issue with optional TLS component
Dominique Dumont d...@debian.org writes: Le jeudi 21 février 2013 23:12:28, vous avez écrit : It looks like the license of GNUTLS 3.1.x may eventually be changed from LGPLv3+ back to LGPLv2.1+. If that succeeds, I believe it would solve the incompatibility with Pan. http://lists.gnutls.org/pipermail/gnutls-devel/2013-February/006086.html Thanks for the info. I'll forward this upstream. Gnutls 3.1.10 now has LGPLv2.1+ again. http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006202.html pgpVQbfNsTbg_.pgp Description: PGP signature
Bug#699892: [Pan-devel] Seeking advice on Pan license issue with optional TLS component
Le Saturday 23 March 2013 12:57:27, vous avez écrit : Gnutls 3.1.10 now has LGPLv2.1+ again. http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006202.html Thanks for the heads up. I've notified upstream Pan. I'll put back Gnutls in Pan once this version of gnutls is available in unstable. All the best Dominique signature.asc Description: This is a digitally signed message part.
Bug#699892: [Pan-devel] Seeking advice on Pan license issue with optional TLS component
Le jeudi 21 février 2013 23:12:28, vous avez écrit : It looks like the license of GNUTLS 3.1.x may eventually be changed from LGPLv3+ back to LGPLv2.1+. If that succeeds, I believe it would solve the incompatibility with Pan. http://lists.gnutls.org/pipermail/gnutls-devel/2013-February/006086.html Thanks for the info. I'll forward this upstream. Alternatively, the SSL support could be rewritten to use the NSS library from Mozilla; that one remains GPLv2-compatible. I don't know yet how different its API is. Upstream is thinking about using PolarSSL. All the best Dominique signature.asc Description: This is a digitally signed message part.
Bug#699892: [Pan-devel] Seeking advice on Pan license issue with optional TLS component
Dominique Dumont domi.dum...@free.fr writes: I'll put back SSL support for Pan in Debian unstable once the problematic code is relicensed or re-written. It looks like the license of GNUTLS 3.1.x may eventually be changed from LGPLv3+ back to LGPLv2.1+. If that succeeds, I believe it would solve the incompatibility with Pan. http://lists.gnutls.org/pipermail/gnutls-devel/2013-February/006086.html Alternatively, the SSL support could be rewritten to use the NSS library from Mozilla; that one remains GPLv2-compatible. I don't know yet how different its API is. pgpyvdE98r_xN.pgp Description: PGP signature
Bug#699892: [Pan-devel] Seeking advice on Pan license issue with optional TLS component
Le mardi 12 février 2013 14:26:18, Dominique Dumont a écrit : Since this is the first time I'm dealing with a trciky licensing issue, I'd like some folks from debian-legal mailing list to confirm my opinion. As mentioned here [1], my proposal is a bad idea. GPL license is transitive. Since any change you might do upstream to fix this situation will be too late or too intrusive to be accepted for next Debian release (which is currently in deep freeze), I have no choice but to remove SSL support from Pan in Debian Wheezy. I'll put back SSL support for Pan in Debian unstable once the problematic code is relicensed or re-written. Dominique [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=22;att=0;bug=699892 signature.asc Description: This is a digitally signed message part.