[gentoo-dev] Last rites: net-analyzer/gnu-netcat

[gentoo-dev] Last rites: net-analyzer/gnu-netcat

[Michał Górny]

[-- Attachment #1: Type: text/plain, Size: 651 bytes --]

# Michał Górny <mgorny@gentoo.org> (13 Apr 2019)
# Unmaintained.  Contains vulnerable code and a large number of unsolved
# (upstream) issues, including licensing issues that prevented Debian
# from including it.  The current version is from 2004, and carries
# some local patches.  Last upstream commits are from 2013, and involve
# three successive branches, the 0.7.x not having a release since 2004,
# and the two remaining branches never seeing a single release.
# The suggested alternatives are net-analyzer/{netcat,openbsd-netcat}.
# Removal in 30 days.  Bug #601742.
net-analyzer/gnu-netcat

-- 
Best regards,
Michał Górny


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 963 bytes --]

Re: [gentoo-dev] Last rites: net-analyzer/gnu-netcat

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 1193 bytes --]

>>>>> On Sat, 13 Apr 2019, Michał Górny wrote:

> # Michał Górny <mgorny@gentoo.org> (13 Apr 2019)
> # Unmaintained.  Contains vulnerable code and a large number of unsolved
> # (upstream) issues, including licensing issues that prevented Debian
> # from including it.

I suppose that is referring to Debian bug 202475?
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=202475#61

If that's the case, it is their usual BS that they consider the FDL to
be a non-free license. (Basically, netcat.texi contains license texts
of the GPL and the FDL which by their very nature are "invariant".)

This is not a concern for us. The FDL is approved by the FSF as a free
documentation license, and therefore it is in our @FREE license group.

>                       The current version is from 2004, and carries
> # some local patches.  Last upstream commits are from 2013, and involve
> # three successive branches, the 0.7.x not having a release since 2004,
> # and the two remaining branches never seeing a single release.
> # The suggested alternatives are net-analyzer/{netcat,openbsd-netcat}.
> # Removal in 30 days.  Bug #601742.
> net-analyzer/gnu-netcat

Ulrich

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

Re: [gentoo-dev] Last rites: net-analyzer/gnu-netcat

[Michał Górny]

[-- Attachment #1: Type: text/plain, Size: 1555 bytes --]

On Sat, 2019-04-13 at 21:52 +0200, Ulrich Mueller wrote:
> > > > > > On Sat, 13 Apr 2019, Michał Górny wrote:
> > # Michał Górny <mgorny@gentoo.org> (13 Apr 2019)
> > # Unmaintained.  Contains vulnerable code and a large number of unsolved
> > # (upstream) issues, including licensing issues that prevented Debian
> > # from including it.
> 
> I suppose that is referring to Debian bug 202475?
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=202475#61
> 
> If that's the case, it is their usual BS that they consider the FDL to
> be a non-free license. (Basically, netcat.texi contains license texts
> of the GPL and the FDL which by their very nature are "invariant".)
> 
> This is not a concern for us. The FDL is approved by the FSF as a free
> documentation license, and therefore it is in our @FREE license group.

Thanks for clarifying that.  I have to admit I didn't really understand
what they meant in that bug report.  However, I suppose this doesn't
invalidate the remaining points.  Should I update the mask message?

> >                       The current version is from 2004, and carries
> > # some local patches.  Last upstream commits are from 2013, and involve
> > # three successive branches, the 0.7.x not having a release since 2004,
> > # and the two remaining branches never seeing a single release.
> > # The suggested alternatives are net-analyzer/{netcat,openbsd-netcat}.
> > # Removal in 30 days.  Bug #601742.
> > net-analyzer/gnu-netcat
> 
> Ulrich

-- 
Best regards,
Michał Górny


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 963 bytes --]

Re: [gentoo-dev] Last rites: net-analyzer/gnu-netcat

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 1158 bytes --]

>>>>> On Sat, 13 Apr 2019, Michał Górny wrote:

> On Sat, 2019-04-13 at 21:52 +0200, Ulrich Mueller wrote:
>> > > > > > On Sat, 13 Apr 2019, Michał Górny wrote:
>> > # Michał Górny <mgorny@gentoo.org> (13 Apr 2019)
>> > # Unmaintained.  Contains vulnerable code and a large number of unsolved
>> > # (upstream) issues, including licensing issues that prevented Debian
>> > # from including it.
>> 
>> I suppose that is referring to Debian bug 202475?
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=202475#61
>> 
>> If that's the case, it is their usual BS that they consider the FDL to
>> be a non-free license. (Basically, netcat.texi contains license texts
>> of the GPL and the FDL which by their very nature are "invariant".)
>> 
>> This is not a concern for us. The FDL is approved by the FSF as a free
>> documentation license, and therefore it is in our @FREE license group.

> Thanks for clarifying that.  I have to admit I didn't really understand
> what they meant in that bug report.  However, I suppose this doesn't
> invalidate the remaining points.  Should I update the mask message?

Yes, please.

Ulrich

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]