Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#700169: non-free license: requires to obey US export regulation even, when not in the US
0 views
Skip to first unread message
Ansgar Burchardt
Mar 1, 2013, 9:20:01 AM3/1/13
to
Hi,
I took a brief look at the upstream website. The download site [1]
points to two other pages for downloads ([2] and [3]), one of them
having the non-free license, the other a BSD/GPL dual-license.
Interestingly both of these ask to accept the non-free license...
They both contain a different link to a source tarball. I downloaded
both and compared them: they only differ in the license headers in the
individual files.
The files in acpica-unix-20130214.tar.gz have the non-free license.
The files in acpica-unix2-20130214.tar.gz have a 3-clause BSD license or
GPL-2:
----
* Copyright (C) 2000 - 2013, Intel Corp.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions, and the following disclaimer,
* without modification.
* 2. Redistributions in binary form must reproduce at minimum a disclaimer
* substantially similar to the "NO WARRANTY" disclaimer below
* ("Disclaimer") and any redistribution must be conditioned upon
* including a substantially similar Disclaimer requirement for further
* binary redistribution.
* 3. Neither the names of the above-listed copyright holders nor the names
* of any contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* Alternatively, this software may be distributed under the terms of the
* GNU General Public License ("GPL") version 2 as published by the Free
* Software Foundation.
*
* NO WARRANTY
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGES.
----
I tried replacing the date to get the version we currently have in
Debian, but only the tarball with the non-free license was available
from [4].
[1] <https://www.acpica.org/downloads/>
[2] <https://www.acpica.org/downloads/unix_source_code.php>
[3] <https://www.acpica.org/downloads/unix2_source_code.php>
[4] <https://www.acpica.org/download/acpica-unix-20100528.tar.gz>
--
To UNSUBSCRIBE, email to debian-bugs...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
I took a brief look at the upstream website. The download site [1]
points to two other pages for downloads ([2] and [3]), one of them
having the non-free license, the other a BSD/GPL dual-license.
Interestingly both of these ask to accept the non-free license...
They both contain a different link to a source tarball. I downloaded
both and compared them: they only differ in the license headers in the
individual files.
The files in acpica-unix-20130214.tar.gz have the non-free license.
The files in acpica-unix2-20130214.tar.gz have a 3-clause BSD license or
GPL-2:
----
* Copyright (C) 2000 - 2013, Intel Corp.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions, and the following disclaimer,
* without modification.
* 2. Redistributions in binary form must reproduce at minimum a disclaimer
* substantially similar to the "NO WARRANTY" disclaimer below
* ("Disclaimer") and any redistribution must be conditioned upon
* including a substantially similar Disclaimer requirement for further
* binary redistribution.
* 3. Neither the names of the above-listed copyright holders nor the names
* of any contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* Alternatively, this software may be distributed under the terms of the
* GNU General Public License ("GPL") version 2 as published by the Free
* Software Foundation.
*
* NO WARRANTY
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGES.
----
I tried replacing the date to get the version we currently have in
Debian, but only the tarball with the non-free license was available
from [4].
[1] <https://www.acpica.org/downloads/>
[2] <https://www.acpica.org/downloads/unix_source_code.php>
[3] <https://www.acpica.org/downloads/unix2_source_code.php>
[4] <https://www.acpica.org/download/acpica-unix-20100528.tar.gz>
--
To UNSUBSCRIBE, email to debian-bugs...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Ansgar Burchardt
Mar 1, 2013, 10:00:02 AM3/1/13
to
I also checked the initial Debian package on snapshot.debian.org
(version 20050930-1). It also has only the non-free license in the
individual files, but states "Dual GPLv2/ACPICA Licence" in d/copyright.
It also has the BSD-3-clause-or-GPL-2 bit in d/copyright.
It's likely that it was already dual-licensed, but that this wasn't
documented in the tarball itself. I'm not sure why they now have two
tarballs instead of one with both licenses... The "GNU General Public
License or via a separate license that may be more favorable to
commercial OSVs" (from the FAQ) seems also wrong given there are *three*
licenses: the non-free one, a 3-clause BSD and the GPL-2.
Ansgar
(version 20050930-1). It also has only the non-free license in the
individual files, but states "Dual GPLv2/ACPICA Licence" in d/copyright.
It also has the BSD-3-clause-or-GPL-2 bit in d/copyright.
It's likely that it was already dual-licensed, but that this wasn't
documented in the tarball itself. I'm not sure why they now have two
tarballs instead of one with both licenses... The "GNU General Public
License or via a separate license that may be more favorable to
commercial OSVs" (from the FAQ) seems also wrong given there are *three*
licenses: the non-free one, a 3-clause BSD and the GPL-2.
Ansgar
Michael Stapelberg
Mar 27, 2013, 7:00:01 AM3/27/13
to
Hi Ansgar, Mattia,
Ansgar Burchardt <ans...@debian.org> writes:
> I also checked the initial Debian package on snapshot.debian.org
> (version 20050930-1). It also has only the non-free license in the
> individual files, but states "Dual GPLv2/ACPICA Licence" in d/copyright.
> It also has the BSD-3-clause-or-GPL-2 bit in d/copyright.
>
> It's likely that it was already dual-licensed, but that this wasn't
> documented in the tarball itself. I'm not sure why they now have two
> tarballs instead of one with both licenses... The "GNU General Public
> License or via a separate license that may be more favorable to
> commercial OSVs" (from the FAQ) seems also wrong given there are *three*
> licenses: the non-free one, a 3-clause BSD and the GPL-2
Well, according to https://github.com/acpica/acpica/commit/84b8d0fd, the
dual-license tarballs are only available starting from version
20110211. That version can indeed be downloaded as unix2 tarball.
Mattia: is it reasonable to update this package to a newer version,
based on one of the unix2 tarballs?
--
Best regards,
Michael
Ansgar Burchardt <ans...@debian.org> writes:
> I also checked the initial Debian package on snapshot.debian.org
> (version 20050930-1). It also has only the non-free license in the
> individual files, but states "Dual GPLv2/ACPICA Licence" in d/copyright.
> It also has the BSD-3-clause-or-GPL-2 bit in d/copyright.
>
> It's likely that it was already dual-licensed, but that this wasn't
> documented in the tarball itself. I'm not sure why they now have two
> tarballs instead of one with both licenses... The "GNU General Public
> License or via a separate license that may be more favorable to
> commercial OSVs" (from the FAQ) seems also wrong given there are *three*
> licenses: the non-free one, a 3-clause BSD and the GPL-2
dual-license tarballs are only available starting from version
20110211. That version can indeed be downloaded as unix2 tarball.
Mattia: is it reasonable to update this package to a newer version,
based on one of the unix2 tarballs?
--
Best regards,
Michael
Michael Stapelberg
Mar 27, 2013, 9:50:02 AM3/27/13
to
Hi Mattia,
Mattia Dongili <mala...@debian.org> writes:
> yes it is, that's what Al did already:
> http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
I see.
release-team: What’s your take on this? Can we get the new version into
Debian in time for wheezy or how should we handle this?
Mattia Dongili <mala...@debian.org> writes:
> yes it is, that's what Al did already:
> http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
I see.
release-team: What’s your take on this? Can we get the new version into
Debian in time for wheezy or how should we handle this?
Adam D. Barratt
Mar 27, 2013, 1:10:01 PM3/27/13
to
On 27.03.2013 13:44, Michael Stapelberg wrote:
> Mattia Dongili <mala...@debian.org> writes:
>> yes it is, that's what Al did already:
>> http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
> I see.
>
> release-team: What’s your take on this? Can we get the new version
> into
> Debian in time for wheezy or how should we handle this?
It's somewhat difficult to tell without seeing what's involved. (We
> Mattia Dongili <mala...@debian.org> writes:
>> yes it is, that's what Al did already:
>> http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
> I see.
>
> release-team: What’s your take on this? Can we get the new version
> into
> Debian in time for wheezy or how should we handle this?
can't exactly debdiff against NEW...)
Regards,
Adam
Mattia Dongili
Mar 27, 2013, 5:10:02 PM3/27/13
to
On Wed, Mar 27, 2013 at 05:06:35PM +0000, Adam D. Barratt wrote:
> On 27.03.2013 13:44, Michael Stapelberg wrote:
> >Mattia Dongili <mala...@debian.org> writes:
> >>yes it is, that's what Al did already:
> >>http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
> >I see.
> >
> >release-team: What’s your take on this? Can we get the new version
> >into
> >Debian in time for wheezy or how should we handle this?
>
> It's somewhat difficult to tell without seeing what's involved. (We
> can't exactly debdiff against NEW...)
Michael,
> On 27.03.2013 13:44, Michael Stapelberg wrote:
> >Mattia Dongili <mala...@debian.org> writes:
> >>yes it is, that's what Al did already:
> >>http://ftp-master.debian.org/new/acpica-unix_20130214-0.3.html
> >I see.
> >
> >release-team: What’s your take on this? Can we get the new version
> >into
> >Debian in time for wheezy or how should we handle this?
>
> It's somewhat difficult to tell without seeing what's involved. (We
> can't exactly debdiff against NEW...)
I don't see a valid reason to get a newer version in wheezy at this
stage of the freeze.
Regards,
--
mattia
:wq!
Ansgar Burchardt
Mar 31, 2013, 6:40:02 PM3/31/13
to
Control: retitle -1 please include correct license in upstream tarball
Control: severity -1 normal
Michael Stapelberg <stape...@debian.org> writes:
> Can we just ignore this bug for wheezy? To me, the licensing intention
> seems very clear.
I think that's fine. The package seems to be also licensed under the
GPL-2 even if that's not clear in the (current) upstream tarball; the
notice in the upstream FAQ was already there years ago (I checked on
archive.org).
It would still be nice to have the correct license in the upstream
tarball (and d/copyright as the code seems now to be released under
three licenses), but that's not a serious bug. So downgrading
accordingly.
Ansgar
Control: severity -1 normal
Michael Stapelberg <stape...@debian.org> writes:
> Can we just ignore this bug for wheezy? To me, the licensing intention
> seems very clear.
I think that's fine. The package seems to be also licensed under the
GPL-2 even if that's not clear in the (current) upstream tarball; the
notice in the upstream FAQ was already there years ago (I checked on
archive.org).
It would still be nice to have the correct license in the upstream
tarball (and d/copyright as the code seems now to be released under
three licenses), but that's not a serious bug. So downgrading
accordingly.
Ansgar
0 new messages