Bug#658739: Re: Bug#658739: Broken su/sudo/whatever - breaks systems - up goes the severity

Carlos Alberto Lopez Perez clopez at igalia.com
Wed Jan 23 14:25:47 UTC 2013

On 03/11/12 17:46, Andreas Metzler wrote:
> On 2012-10-24 Joerg Jaspert <joerg at debian.org> wrote:
> [...]
>> Maybe the rebuild without gcrypt is a solution. I don't know, I have
>> no idea what other functionality then might be missing.
> Hello,
> It is not possible currently for Debian to use nettle instead of
> gcrypt for license reasons. Nettle links against gmp which is LGPLv3+,
> but some of the gnutls-using applications in Debian have an LGPLv3
> incompatible license like GPLv2, e.g. cups.

On 02/12/12 09:11, Andreas Metzler wrote:
> We cannot switch to a GPLv2-incompatible gnutls stack on Debian
> currently.[1]
> cu andreas
> [1] We will need to do this for wheezy + 1, because Debian
> does not have the manpower to fork GnuTLS 2.x. But that is a different
> discussion.

And how this "legal" issue will be solved in Wheezy+1? I fail to see how
this will change in the future other than compiling cups with OpenSSL.

I found this old discussion about dual-licensing GMP:

But after reading it, I know the same than before...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20130123/69b98978/attachment.pgp>

More information about the Pkg-gnutls-maint mailing list