Re: [Fedora-legal-list] CAcert.org license
by Tom Callaway
On Tue, 2008-12-09 at 23:03 +0100, Matthias Saou wrote:
> > >>>>> "TC" == Tom \"spot\" Callaway <Tom> writes:
> >
> > TC> Given that it does not give permission for us to redistribute (the
> > TC> cornerstone requirement for Content licenses), this license is not
> > TC> acceptable for Fedora.
> >
> > I guess I'm glad I looked before approving the package, but I have to
> > wonder: Do the cacert folks actually want anyone to use their
> > certificates? I mean, this prevents basically everyone from using
> > them, because they can't come with the OS or the browser.
>
> Personally, the more I read the document, the more I'm confused.
>
> "You may NOT distribute certificates or root keys under this
> licence"... does this mean we can distribute under a different license?
Well, sortof. The wording here is strange because you can get a
different license from the CA issuer. We can't just pick a license, but
the CA issuer might be willing to give us a different one.
> Would it be worth getting in contact with CAcert.org in order to try
> and have them allow us to redistribute the root certs under conditions
> which are acceptable to the Fedora Project?
Probably, yes. :)
~spot
7 years, 7 months
winetricks
by T.C. Hollingsworth
winetricks [1] is free software, but I was originally under the
impression that it was ineligible for inclusion in Fedora because it
is used primarily to download and install non-free software. (That is
not it's only function, though--it also does some registry hacks and
can manage multiple WINEPREFIXes.)
However, some members of the community disagree [2] and say that it
might be eligible for Fedora, so we'd like confirmation one way or the
other.
Thanks!
-T.C.
[1] http://winetricks.org/
[2] https://bugzilla.rpmfusion.org/show_bug.cgi?id=1992#c40
8 years, 2 months
Linking of GPL-only and GPL-incompatible libraries
by Florian Weimer
What's Fedora's stance on linking GPL-only libraries into the same
process as a library which is considered GPL-incompatible (such as
4-clause BSD) if this linking happens rather indirectly?
We currently link psql against both libreadline and libcrypto/libssl
(OpenSSL), so if that is okay, more indirect linking should be
acceptable as well.
However, I'm not sure I'd appreciate that if I were a GPL-only library
author who chose that license deliberately (perhaps even with a desire
to sell alternative licensing), and some intermediate libraries makes my
work available under a more permissive license, only wrapped in a
different programming interface.
--
Florian Weimer / Red Hat Product Security Team
9 years, 1 month
Including gpl3 code and how that affects other source in project
by Tim Flink
I'm working on a project that's currently gpl2+ licensed [1] and we
want to include some code from a gpl3 project [2]. This code will be an
isolated utility used to generate documentation from data contained in
other source files.
[1] https://bitbucket.org/fedoraqa/libtaskotron
[2] https://github.com/ansible/ansible
I know that if we went forward with this, the project would need to be
distributed as gpl3 but I have some questions around the specifics:
Would all the source in our project need to be re-licensed as gpl3 or is
it sufficient to have the project license as gpl3 and the existing
source files as gpl2+?
Assuming that it is possible to keep the existing gpl2+ source as
gpl2+, would it be possible to change the project license back to gpl2+
in the future if we were to remove any gpl3 code?
Thanks,
Tim
9 years, 4 months
repoze.sphinx.autointerface license
by Jerry James
I'm packaging repoze.sphinx.autointerface and have a question about
the license. It is almost the ZPLv2.1 license, but the text
identifying the license has been deleted, as has clause 4. Do I still
call that ZPLv2.1 in the spec file, or is something else more
appropriate? This is the text of the license file:
License
A copyright notice accompanies this license document that identifies
the copyright holders.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions in source code must retain the accompanying
copyright notice, this list of conditions, and the following
disclaimer.
2. Redistributions in binary form must reproduce the accompanying
copyright notice, this list of conditions, and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
3. Names of the copyright holders must not be used to endorse or
promote products derived from this software without prior
written permission from the copyright holders.
4. If any files are modified, you must cause the modified files to
carry prominent notices stating that you changed the files and
the date of any change.
Disclaimer
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND
ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
Thank you,
--
Jerry James
http://www.jamezone.org/
9 years, 4 months
Warsow Content License
by Kalev Lember
Hi,
Could someone please review the attached Warsow Content License to see
if content licensed under those terms is appropriate for inclusion in
Fedora? I assume it's not, but I'd be grateful if someone could give an
authoritative answer.
Thanks in advance,
Kalev
9 years, 4 months
Source Requirements
by Dennis Gilmore
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
A couple of questions.
1) can we please stop making source isos? the source is available in
the source tree.
2) cloud WG wants to be able to produce updates images, what are our
requirements to ensuring source compliance with the GPL?
Today the sources for livecds and appliance images are only in the
source tree and not separated out. if we do updates images some sources
will be in the base source tree and some in updates, however the
updates sources will go away if the package gets another update. the
only single source where we could point people at is koji.
Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJS+hz3AAoJEH7ltONmPFDR1icQAKhOvFziBsnYpi+wSYTGZUAH
++P1NeCQ4DKDz046kHJ5bGqw+IPNykwOP9RFKTx2v1ajAcMdvxWhR55+QextwHhn
b7lXE84mn+AM2uU64l+dVFireCi+Lh5XAVBO0aHGM5/olw/8DDuoVn+17O6ooaVr
mEQ/mGfjUDE+YDIIEcPjJ9HxkvQu3QDedayqThGfRZO4W8nLCBcAtCLm0kLC5Kv7
aVbRghC4wEKLU/PY7HzmlXla6GJfwZ024fE6qrZ6tyN6Rhn1x6xtT4WbU6GUDLKu
qZjUDX/p689VnH1PT+W9B0Oy9Z8TkfrtouxfoLVtzEThv3APE2K33H7MyrHS8ORy
ii1XHttX2bSmt92Wuj8ceY92oZk00wfTwJ4dUQj4ZQYQbyGAW31uymtiPwTUNTcw
3tgaSCeaI7w1W+dsyKcRVQyiau2WUojGhXdTf2r9dTuAuIGIJogg7iyhCDc45O3m
0u7snSxpYZ/jgpODC45sO/JvevYSD4vzCwFA4vW14jDKobCvLCiPt7atSI/uivwt
qO6TiiapgBCtkjYO98Pcqhu5x0xx7jS86iOi+D02hZGWx+7twsOaj6DyaZYuZyaf
sbonFLT0zejhcYgE+CAv+zPPeAKmapFZK7Gj3Kb3MWbxpwrWsyrTiy8MgFyp9wDl
9yFR9Bdcrpr+DhhF5KcR
=jifW
-----END PGP SIGNATURE-----
9 years, 4 months