[Pkg-openldap-devel] Does OpenLDAP has any GPLv2 dependency?

[Carlos Alberto Lopez Perez]

On 24/04/12 17:25, Thorsten Glaser wrote:
> Hi all,
> 
> this bug has been brought to my attention by my boss today.
> If I understand the situation correctly, the problem is:
> 
> • OpenLDAP links against GnuTLS (gnutls26)
> • gnutls26 links against gcrypt, which has the bug
> • gnutls28 links against nettle, but also gmp which is LGPLv3+
> • OpenLDAP thus can’t link against gnutls28, as it has reverse
>   dependencies that are not LGPLv3-/GPLv3-compatible
> • the package affected is libnss-ldap though
> 

Which ones are the reverse dependencies of libnss-ldap or OpenLDAP that
are LGPLv3+ incompatibles?

According to [1], the only combination forbidden is GPLv2 (LGPLv2 and
LGPLv2.1 is allowed per point 3. of the license, explained also on [1] ).

Looking at the recursive reverse dependencies of libnss-ldap [2] I fail
to find any package that is GPLv2 only.

If there isn't any GPLv2 reverse dependency, then OpenLDAP can be just
recompiled to link against gnutls28 and this long standing bug will be
fixed.

Thoughts?


Regards!
--------

[1] https://bugzilla.redhat.com/show_bug.cgi?id=986347
[2] $ apt-rdepends libnss-ldap



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20131105/9831f565/attachment.sig>