[Pkg-clamav-devel] clamav 0.98.3 released
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Fri May 9 21:18:23 UTC 2014
On 2014-05-09 22:41:44 [+0200], Andreas Cadhalpun wrote:
> Hi,
Hi,
> On 09.05.2014 22:01, Andreas Cadhalpun wrote:
> >I'm currently looking at updating debian/copyright.
>
> I think we have a major problem here: None of clamav's reverse-dependencies
> (c-icap-modules, dansguardian, havp, python-clamav) have an OpenSSL
> exception.
>
> I have no clue about how to procede, now that clamav depends on openssl.
>
> Any ideas?
>
> Besides COPYING contains:
> REGARDING OPENSSL
>
> In addition, as a special exception, the copyright holders give
> permission to link the code of portions of this program with the
> OpenSSL library under certain conditions as described in each
> individual source file, and distribute linked combinations
> including the two.
>
> I'm not sure, if this is a wide enough exception, particular as many files
> (in the libclamav directory) include OpenSSL headers, but only a few (e.g.
> crypto.c and crypto.h) have an OpenSSL exception in the file, as required by
> above general notice. And even in those files this exception doesn't explain
> the 'certain conditions', but is rather a copy of above notice.
>
> I'm no lawyer, but this seems to be problematic.
This is just great. Why didn't they use gnutls / libgcrypto library?
I've been lookin at reverting that openssl crypto patch, it looks like a
big mess but I think mostly because even those which are unrelated. They
also use the openssl code in 7z for instance. Not sure how much of this is
okay.
Mommy?
> Best regards,
> Andreas
Sebastian
More information about the Pkg-clamav-devel
mailing list