Your message dated Sat, 02 Mar 2013 05:47:37 +0000 with message-id <e1ubfih-0004bf...@franck.debian.org> and subject line Bug#695422: fixed in ntop 3:4.99.3+ndpi5517+dfsg3-1 has caused the Debian Bug report #695422, regarding ntop: links with both libssl and libgdbm and is mainly GPL-licensed without linking exception to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 695422: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695422 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ntop Version: 3:4.99.3+ndpi5517+dfsg1-1 Severity: serious Justification: Policy 2.3 Hello, I noticed that ntop is mainly licensed under the terms of the GNU GPL v2 or later, with only one file (ssl.c) having an OpenSSL linking exception. However, ntop seems to link with libssl (which is notoriously GPL-incompatible) and also seems to link with libgdbm (which [1] is licensed under the GNU GPL v2 or later, with no OpenSSL linking exception). [1] http://packages.debian.org/changelogs/pool/main/g/gdbm/gdbm_1.8.3-11/libgdbm3.copyright I am under the impression that several ntop source GPL-licensed files get compiled into a binary that links with libssl, but do not have any OpenSSL linking exception. Moreover the same binary seems to also link with libgdbm, also GPL-licensed with no exception. This scenario seems to produce an undistributable binary package. Please clarify and/or cooperate with upstream in order to fix this issue. The possible solutions I can think of are: A) ntop is modified so that it can link with GNUTLS, instead of OpenSSL B) an OpenSSL linking exception is granted to all the relevant files by the respective copyright holders and also to the FSF's GNU DBM library by its copyright holders (I don't know how much this is likely to happen, though...) Thanks for your time. Bye.
--- End Message ---
--- Begin Message ---Source: ntop Source-Version: 3:4.99.3+ndpi5517+dfsg3-1 We believe that the bug you reported is fixed in the latest version of ntop, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 695...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ludovico Cavedon <cave...@debian.org> (supplier of updated ntop package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 28 Feb 2013 23:23:02 -0800 Source: ntop Binary: ntop ntop-dbg ntop-data Architecture: source amd64 all Version: 3:4.99.3+ndpi5517+dfsg3-1 Distribution: unstable Urgency: high Maintainer: Ludovico Cavedon <cave...@debian.org> Changed-By: Ludovico Cavedon <cave...@debian.org> Description: ntop - display network usage in web browser ntop-data - display network usage in a web browser (data files) ntop-dbg - display network usage in web browser (debug symbols) Closes: 695422 695424 700442 Changes: ntop (3:4.99.3+ndpi5517+dfsg3-1) unstable; urgency=high . * Repackage source removing stale license notice from protocls.c (Closes: #695424). * Remove IP fragment handling code (Closes: #700442). * Disable OpenSSL (thanks to Giovanni Rapagnani, Closes: #695422). Checksums-Sha1: 2bc0def20567c9264ba385e5d40f9eaac9215fd5 2182 ntop_4.99.3+ndpi5517+dfsg3-1.dsc 2af79ea37355b0fb6bf0114c44f7898db2608f88 3675873 ntop_4.99.3+ndpi5517+dfsg3.orig.tar.gz 24106847bbc214b0bdff79b1972f73c32c425950 64603 ntop_4.99.3+ndpi5517+dfsg3-1.debian.tar.gz 3f64be21267bfd9c8e18d6433341d2e967bc7d7c 739536 ntop_4.99.3+ndpi5517+dfsg3-1_amd64.deb 4faf7573a76a5e1a391a01374171aef52b2e9fbf 1272380 ntop-dbg_4.99.3+ndpi5517+dfsg3-1_amd64.deb 33dbbbf49aba6d1bae641ea459ba77f2e1bb7a54 1625634 ntop-data_4.99.3+ndpi5517+dfsg3-1_all.deb Checksums-Sha256: 2e1d31a51ad93dfae2889c7f28726135a2875fc21ab7ed3b845e31dd6008be88 2182 ntop_4.99.3+ndpi5517+dfsg3-1.dsc 327d9669abdcd71d99941fe0d25a3994d022339e12425119b76e32d44d47856c 3675873 ntop_4.99.3+ndpi5517+dfsg3.orig.tar.gz eb844898383d88de3420d0bcc3b561dafbcc943f684deb3473b368fc9d844184 64603 ntop_4.99.3+ndpi5517+dfsg3-1.debian.tar.gz 5a1e1c431abcd5cc51a9a996d4e50f3affaf29b6253034d80a348ff9773a8574 739536 ntop_4.99.3+ndpi5517+dfsg3-1_amd64.deb 13c27832f963130721ca0bf6775952be83c5b9563927c26684f26feb9ad578ce 1272380 ntop-dbg_4.99.3+ndpi5517+dfsg3-1_amd64.deb 2b09b1edfe629a95c234a4e5e435c18fcd579e58ca40352d75bac37a6bfabae2 1625634 ntop-data_4.99.3+ndpi5517+dfsg3-1_all.deb Files: c90cfcf337379e4555c4714ae904e293 2182 net optional ntop_4.99.3+ndpi5517+dfsg3-1.dsc 10b28b2c883ff983339040ff094a6aa7 3675873 net optional ntop_4.99.3+ndpi5517+dfsg3.orig.tar.gz bb2b94a2fb57b744f4a372cdaf8a0420 64603 net optional ntop_4.99.3+ndpi5517+dfsg3-1.debian.tar.gz 22a4585ccb1c2cd34bcee8ade3c25730 739536 net optional ntop_4.99.3+ndpi5517+dfsg3-1_amd64.deb 1718f7391b9e3eeb90f205e5ed4b62ec 1272380 debug extra ntop-dbg_4.99.3+ndpi5517+dfsg3-1_amd64.deb 50a91db63ee9702c8f9fb1f87ba55f4f 1625634 net optional ntop-data_4.99.3+ndpi5517+dfsg3-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJRMY3lAAoJEBPAtWZ6OLCwS7kP/Rg5evogAM9Bwm/tcLR4TGHc 7MuBbpGvpVIQ4gIPF7gpWmwQuhvDAXGPm7HKc4QbqO7tc/qUXNfnmxzokVNX9t/I Wy0XlOxm56dXbrI/74PhtxZYrqJ77e0gImB+50hoGsvd6HI4t+sZf4709xBwevWK 3PaAvHJsTGceCH/tt+6CdVxqGSOURciNbg4BUpRrB0KnZwTzNMtchyZNK2WxgxGg UOazTy45TWPx3qczepoqmF1N4XgRzHAt+TQp0MApUQIHOfWpMvdXrWjtSs7r7Cfl W4S5XS6W2yLXIakss01t6RYjtT61TLeXCmIYdE6+cxbt39RSJnCLKfBWxAsLXRcC BhNbBcbp44nU1qeiiWnY4Deq05ZcsRZ+FRpifPOM2mDRZ7FhoH5Gnv+wmp51GiOZ U/sEcrusAvnTyhDXz5REMh2KBLvC0FdunaPMOSJHFRt3etyot+sssqOnNARbMyTH 76y9YYtqQdbrdFBAr2iAebivJ+Q835tVVLtklMsokQCM/mZ4KQz4Vs3174YCvkcv FD7zRpjtcY5Rjz6GkDAGKq3yzGYSPAd9nRigXshh+izYqOlIjb5bxfH0HMkyVqMj uOTvjBLmWTbmbH+xBlD3OQ6lZYR1sLQbmh1wj5XzO8rb8js8Lq/UoNweMeaYS2wd KEAWsEVIpsE/H74ud61g =2rt5 -----END PGP SIGNATURE-----
--- End Message ---
