On Wed, Jul 03, 2024 at 11:27:50PM +0200, Bastian Germann wrote: > Am 03.07.24 um 05:23 schrieb Benjamin Kaduk: > > I do not see how it would be possible to replace this code in Debian before > > upstream can do so; this code is a core part of the functionality of the > > software and the files cannot be relicensed without the permission of all > > copyright holders. > > Upstream supports more OS than only Linux and most of the changes are > portability changes. Trying a compile with the files replaced won't hurt.
I think it would hurt; some of the chnages relate to security fixes, among other things. > > I am also a bit confused at why you chose to file this as severity: serious > > -- could you please clarify what part of policy is being violated or how it > > makes the package unsuitable for release? > > Assuming the license is non-free (which some people may doubt but this seems > to be established in Debian) the package violates Policy ยง2.2.1 "Every package > in main must comply with the DFSG" Do you have any links handy for "this seems to be established in Debian"? Maybe a statement from ftpmaster? Starting from scratch I'm only finding https://lists.debian.org/debian-legal/2003/08/msg00667.html from 2003 (and the corresponding bug, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=181493), neither of which really ends with a resounding conclusion, and which are quite old. Given that openafs appears to have already been in Debian at that time (looking at its changelog), it's a bit surprising that this bug is only being filed now in 2024. -Ben
