Debian Bug report logs - #352344
RM: libapache-mod-security -- RoM; undistributable due to licence conflict (APL/GPL)

Package: ftp.debian.org; Maintainer for ftp.debian.org is Debian FTP Master <ftpmaster@ftp-master.debian.org>;

Reported by: Alberto Gonzalez Iniesta <agi@inittab.org>

Date: Sat, 11 Feb 2006 12:33:02 UTC

Severity: normal

Done: Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, James Troup and others <ftpmaster@ftp-master.debian.org>:
Bug#352344; Package ftp.debian.org. Full text and rfc822 format available.

Acknowledgement sent to Alberto Gonzalez Iniesta <agi@inittab.org>:
New Bug report received and forwarded. Copy sent to James Troup and others <ftpmaster@ftp-master.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Alberto Gonzalez Iniesta <agi@inittab.org>
To: submit@bugs.debian.org
Subject: Please remove libapache-mod-security
Date: Sat, 11 Feb 2006 13:22:24 +0100
Package: ftp.debian.org
Severity: normal
Justification: License conflict makes binary undistributable


Hi,

As reported in #313615, Apache modules can't be GPL unless upstream make
an exception. Mod_security's author didn't want to, so the package must
be removed from Debian's archive.

This issue may affect other Apache modules as the mentioned bug report
concludes.

Regards,

Alberto


-- 
Alberto Gonzalez Iniesta    | Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred    | http://inittab.com

Key fingerprint = 9782 04E7 2B75 405C F5E9  0C81 C514 AF8E 4BA4 01C3



Changed Bug title. Request was from "Adam D. Barratt" <debian-bts@adam-barratt.org.uk> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Alberto Gonzalez Iniesta <agi@inittab.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #12 received at 352344-close@bugs.debian.org (full text, mbox):

From: Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>
To: 352344-close@bugs.debian.org
Cc: libapache-mod-security@packages.debian.org, libapache-mod-security@packages.qa.debian.org
Subject: Bug#352344: fixed
Date: Sun, 12 Mar 2006 18:05:52 -0800
We believe that the bug you reported is now fixed; the following
package(s) have been removed from unstable:

libapache-mod-security |    1.8.7-1 | source, alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libapache2-mod-security |    1.8.7-1 | alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
mod-security-common |    1.8.7-1 | all

Note that the package(s) have simply been removed from the tag
database and may (or may not) still be in the pool; this is not a bug.
The package(s) will be physically removed automatically when no suite
references them (and in the case of source, when no binary references
it).  Please also remember that the changes have been done on the
master archive (ftp-master.debian.org) and will not propagate to any
mirrors (ftp.debian.org included) until the next cron.daily run at the
earliest.

Packages are never removed from testing by hand.  Testing tracks
unstable and will automatically remove packages which were removed
from unstable when removing them from testing causes no dependency
problems.

Bugs which have been reported against this package are not automatically
removed from the Bug Tracking System.  Please check all open bugs and
close them or re-assign them to another package if the removed package
was superseded by another one.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 352344@bugs.debian.org.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@debian.org.

Debian distribution maintenance software
pp.
Jeroen van Wolffelaar (the ftpmaster behind the curtain)



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 18 Jun 2007 04:49:53 GMT) Full text and rfc822 format available.

Bug unarchived. Request was from Matej Vela <vela@debian.org> to control@bugs.debian.org. (Tue, 27 Nov 2007 16:15:05 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, James Troup and others <ftpmaster@ftp-master.debian.org>:
Bug#352344; Package ftp.debian.org. Full text and rfc822 format available.

Acknowledgement sent to Matej Vela <vela@debian.org>, 352344@bugs.debian.org:
Extra info received and forwarded to list. Copy sent to James Troup and others <ftpmaster@ftp-master.debian.org>. Full text and rfc822 format available.

Message #21 received at 352344@bugs.debian.org (full text, mbox):

From: Matej Vela <vela@debian.org>
To: support@breach.com
Cc: 352344@bugs.debian.org
Subject: Conflict between GPLv2 and the Apache license
Date: Tue, 27 Nov 2007 18:11:24 +0100
Hello,

As you probably know, the FSF considered GPL version 2 to be incompatible
with the Apache license, and designed GPL version 3 with compatibility in
mind [1].  Would it be possible to license ModSecurity under "version 2 or
any later version", i.e. as suggested by the GPL itself:

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

This would allow us to resolve any perceived conflict by implicitly
distributing it under GPLv3.

[1] <http://www.fsf.org/licensing/licenses/#apache2>

Thanks,

Matej




Information forwarded to debian-bugs-dist@lists.debian.org, James Troup and others <ftpmaster@ftp-master.debian.org>:
Bug#352344; Package ftp.debian.org. Full text and rfc822 format available.

Acknowledgement sent to Matej Vela <vela@debian.org>:
Extra info received and forwarded to list. Copy sent to James Troup and others <ftpmaster@ftp-master.debian.org>. Full text and rfc822 format available.

Message #26 received at 352344@bugs.debian.org (full text, mbox):

From: Matej Vela <vela@debian.org>
To: 352344@bugs.debian.org
Subject: Bug#352344: RM: libapache-mod-security -- RoM; undistributable due to licence conflict (APL/GPL)
Date: Tue, 04 Dec 2007 15:44:58 +0100
Hello,

Here's the author's response (posted with permission):

> Hi Matej,
>
> Thank you for your email.
>
> First of all, let me say that we would very much like to see Debian
> distributing ModSecurity again. I was sad to see it removed from the
> distribution.
>
> While in principle we do not object to converting ModSecurity to
> GPLv3, in order to do so we would first need to assess the impact
> such a change would make on our licensing terms. We have so far
> discussed the matter only briefly. I am hoping a proper discussion
> (and analysis) will take place some time in 2008.
>
> -- 
> Ivan Ristic

Cheers,

Matej




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 02 Jan 2008 07:29:06 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 03:51:38 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.