Bug#950363: licensecheck reports dubious (may be misleading) information for image files
Dominique Dumont
dod at debian.org
Fri Jan 31 18:34:08 GMT 2020
Package: licensecheck
Version: 3.0.40-1
Severity: normal
Dear Maintainer,
When parsing an image file as a binary blob, licenscheck report that the copyright of the image is owned by HP:
$ licensecheck --encoding utf8 --copyright --machine --deb-fmt --recursive docs/src/static/diagrams.key//Data/st0-311.jpg
docs/src/static/diagrams.key//Data/st0-311.jpg UNKNOWN 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ óQÌXYZ XYZ o¢8õXYZ b· / ±¹ÁÉÑÙáéòú / ®²·¼ÁÆËÐÕÛàåëðöû
I think licensecheck is misled by the copyright ownership of the color profile
of this image:
$ exiftool docs/src/static/diagrams.key//Data/st0-311.jpg | grep Profile
Profile CMM Type : Linotronic
Profile Version : 2.1.0
Profile Class : Display Device Profile
Profile Connection Space : XYZ
Profile Date Time : 1998:02:09 06:49:00
Profile File Signature : acsp
Profile Creator : Hewlett-Packard
Profile ID : 0
Profile Copyright : Copyright (c) 1998 Hewlett-Packard Company
Profile Description : sRGB IEC61966-2.1
The image itself has not Copyright information:
$ exiftool docs/src/static/diagrams.key//Data/st0-311.jpg | grep -i copyright
Profile Copyright : Copyright (c) 1998 Hewlett-Packard Company
All the best
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.4.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages licensecheck depends on:
ii libarray-intspan-perl 2.003-1
ii libgetopt-long-descriptive-perl 0.104-1
ii liblist-someutils-perl 0.58-1
ii liblog-any-adapter-screen-perl 0.140-1
ii liblog-any-perl 1.708-1
ii libmoo-perl 2.003006-1
ii libnamespace-clean-perl 0.27-1
ii libpath-iterator-rule-perl 1.014-1
ii libpath-tiny-perl 0.108-1
ii libpod-constants-perl 0.19-1
ii libre-engine-re2-perl 0.13-4+b1
ii libregexp-pattern-license-perl 3.1.100-1
ii libregexp-pattern-perl 0.2.11-1
ii libscalar-list-utils-perl 1:1.53-1
ii libsort-key-perl 1.33-2+b2
ii libstrictures-perl 2.000006-1
ii libstring-copyright-perl 0.003006-1
ii libstring-escape-perl 2010.002-2
ii libtry-tiny-perl 0.30-1
ii perl 5.30.0-9
ii perl-base [libscalar-list-utils-perl] 5.30.0-9
licensecheck recommends no packages.
Versions of packages licensecheck suggests:
ii bash-completion 1:2.10-1
-- no debconf information
More information about the pkg-perl-maintainers
mailing list