[Pkg-fonts-devel] Bug#665334: non-DFSG postscript embedded in fontforge
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Mar 23 06:11:39 UTC 2012
On 03/03/2012 07:48 AM, Nicholas Bamber wrote:
> We have a package libimager-perl where we have had to remove a few
> adobe-related test files as being non-DFSG. See
> http://cpansearch.perl.org/src/TONYC/Imager-0.88/adobe.txt .
> However given a comment in the latest version's changelog:
> " - note that the generator of the apparently non-DFSG-free postscript
> in MMOne.pfb is a Debian package."
> by which he means fontforge. I intend to email to the author and assure
> him that this is a purely precautionary measure on our part and that the
> functionality of the package is not inhibited.
> However since fontforge has been roped into the issue I wonder what you
> guys think.
Thank you for raising this issue. I just did a bit of research to try
to figure out what this is about.
In fontforge, it appears that this code is embedded in
The originals of several of these functions seem to appear (with
non-DFSG-free licensing) in the appendices of
In particular, the licensing says:
>>> This code, as well as the code in the following appendices, is copyrighted by
>>> Adobe Systems Incorporated, and may not be reproduced except by
>>> permission of Adobe Systems Incorporated. Adobe Systems Incorporated
>>> grants permission to use this code in Type 1 font programs, as long as the
>>> code is used as it appears in this document, the copyright notice remains
>>> intact, and the character outline code included in such a font program is
>>> neither copied nor derived from character outline code in any Adobe Systems
>>> font program.
This license looks pretty non-DFSG-free to me, and it applies at least
to the makeblendedfont array in fontforge/othersubrs.c.
Even more depressing, the makeblendedfont array in othersubrs.c actually
has a modified comment (correcting a mistakenly copy/pasted buggy
comment from the code in the PDF!) which potentially means that it is
itself in violation of Adobe's restrictive license.
I'm not really sure what to do about this other than to open an RC bug
against fontforge, which this e-mail should do :(
We could probably make a new dfsg-free "clean" upstream tarball that is
still capable of building fontforge binaries by ripping out big chunks
of this file (i haven't tried it yet), but i don't know what that would
do to fontforge's ability to do Type1 font generation.
Another approach would be to move fontforge from the main archive to the
non-free archive; but it seems like that would relegate many of our font
packages to contrib, due to build-dependencies. :(
I'm open to other suggestions; i would be overjoyed, in fact, to hear
other suggestions. Does anyone have any proposals?
More information about the Pkg-fonts-devel