Package: elmer Version: 6.1.0.svn.5396.dfsg2-1 Severity: serious Justification: Policy 2.3
Hello, this may sound like a revival of bug #618696 [1], but in fact it's distinct (although the evergreen OpenCASCADE GPL-incompatibility is still involved...). [1] http://bugs.debian.org/618696 Let's start from the beginning, anyway. I've recently found out that all libav binary packages in Debian are effectively licensed under the GNU GPL, rather than under the GNU LGPL. This would have been easier to spot, if more clearly documented [2]. [2] http://bugs.debian.org/698019 After this discover, I searched for packages potentially affected by this strong copyleft. I noticed that the binary package named "elmer" depends on some libav packages and I remembered the well-known OpenCASCADE GPL-incompatibility. Hence, I examined all the binaries shipped by the elmer binary package with ldd and I found out that /usr/bin/ElmerGUI.real is linked with the following libraries, among others: libTKSTL.so.2 [...] libTKXSBase.so.2 => OCE (OpenCASCADE Community Edition) License: OCTPL GPL-incompatible libmysqlclient.so.18 => MySQL client library License: GPL-2+ with FOSS exception (which does not allow linking with OCTPL-licensed works...) libavformat.so.53 => libavformat Effective license: GPL-3+ libavcodec.so.53 => libavcodec Effective license: GPL-2+ or libavcodec-extra Effective license: GPL-3+ libavutil.so.51 => libavutil Effective license: GPL-2+ libswscale.so.2 => libswscale Effective license: GPL-2+ (for further details, see the already mentioned bug #698019 [2], especially its message #27 [3]) [3] http://bugs.debian.org/698019#27 libcrypto.so.1.0.0 libssl.so.1.0.0 => OpenSSL License: OpenSSL license (which is GPL-incompatible!) libjbig.so.0 => JBIG-KIT library License: GPL-2+ libxvidcore.so.4 => Xvid library License: GPL-2+ libx264.so.123 => x264 library License: GPL-2+ (unless used solely through avisynth_c.h interfaces) libmp3lame.so.0 => LAME library License: GPL-2+ (since it apparently includes GPL-licensed files) So, in summary, it seems to me that this binary is linked with a number of GPL-licensed libraries, and with two GPL-incompatible libraries (OpenCASCADE Community Edition and OpenSSL). Once again, the possible solutions I can think of, in descending order of desirability, are: (A) Open CASCADE S.A.S. should be contacted and persuaded to re-license Open CASCADE Technology under GPLv2-and-v3-compatible terms; OpenSSL should be replaced by GnuTLS or disabled. (B) OpenCASCADE Community Edition should be substituted with a GPLv2-and-v3-compatible replacement, if any is available; OpenSSL should be replaced by GnuTLS or disabled. (C) All the GPL-licensed libraries should be substituted with non-strong-copyleft replacements or disabled. As usual, if anyone is willing to contribute to the persuasion effort I am carrying on to convince Open CASCADE S.A.S. to switch to the GNU LGPL v2.1, his/her help will be more than appreciated by me! As explained in bug #617613 [4], I have been trying hard to achieve this result since April 2009... [4] http://bugs.debian.org/617613 Thanks for any help you can provide. P.S.: the binary package named "libelmersolver-6.1" probably needs a similar audit -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
