Firmware packages with a mislabelled license?
Yaakov Nemoy
loupgaroublond at gmail.com
Tue Jul 22 12:17:58 UTC 2008
Hi List,
I've been asked to investigate licensing issues in two packages.
zd1211-firmware.
This package is labelled as GPLv2+. From what I gather on
sourceforge, the distributed tarball distributes binary blobs. There
is also the following comments regarding licensing in Debian.
http://packages.debian.org/changelogs/pool/non-free/z/zd1211-firmware/zd1211-firmware_2.16.0.0-0.1/zd1211-firmware.copyright
I had a look at our CVS repo, and we somehow create a makefile that is
used to create some of the files from the C header files. I'm not an
expert on firmwares, so I'm not sure of all the details on the
process. Even so, it seems like we are including a binary blob here.
midisport-firmware
This package is also labelled as GPLv2+. It's pretty clear from the
lines in the spec file that there is no source to speak of.
%build
# Nothing to build
Sourceforge labels it as:
License : BSD License, GNU General Public License (GPL),
Other/Proprietary License
My understanding is that this is a 100% binary blob.
According to the packaging guidelines, binary blob packages like these
are allowed but need to be labelled as "Redistributable, no
modification permitted". One of the maintainers of Blag Linux asked
me to look into this, since according to their policies, these
packages are verboten. I'm still not 100% sure on the first package,
but is this something that I should file a bug against or are there
other considerations I'm missing here?
-Yaakov
More information about the fedora-devel-list
mailing list