[Bug 319831] Review Request: unrar - RAR archive extractor
bugzilla at redhat.com
bugzilla at redhat.com
Tue Oct 9 05:14:21 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: unrar - RAR archive extractor
https://bugzilla.redhat.com/show_bug.cgi?id=319831
kevin at tigcc.ticalc.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kevin at tigcc.ticalc.org
------- Additional Comments From kevin at tigcc.ticalc.org 2007-10-09 01:14 EST -------
Uh, looking at the code in the SRPM, this appears to be the same code used in
clamav. The legal status of that code is not clear to me. (In fact, I
considered bringing this up with respect to clamav, but seeing the same code
used in another package makes this all the more urgent.) The file headers
say: "This code is based on the work of Alexander L. Roshal". But then isn't it
a derived work of the original unrar sources? If it is, it's illegal to
distribute this under the GPL as they're doing because the original unrar
license is non-Free and not GPL-compatible. This (libclamav unrar) code also
has a history of sharing the security vulnerabilities of the non-Free unrar,
which also sounds unlikely for a truely independent implementation. See for
example http://www.securityfocus.com/archive/1/473373/100/0/threaded .
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the package-review
mailing list