[Fedora-legal-list] Re: Update on Fedora treatment of Nmap licensing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for this information.  Nmap in particular continues to confuse me with regards to licensing because they do not really hesitate to revise or replace their license on even a minor update release.

On 7/5/24 11:33 PM, Richard Fontana wrote:
> I've done a long overdue review of the various Nmap licenses and have
> updated fedora-license-data accordingly.
> 
> 1. LicenseRef-Nmap: not-allowed
> Related issue: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/543
> 
> This is Callaway "Nmap", i.e. the GPLv2-incompatible GPLv2 gloss
> commented on here:
> https://fedoraproject.org/wiki/Licensing/Nmap
> This license was classified as "good" but on a new review, that
> assessment seems unjustified and inconsistent with the analysis of the
> subsequent licenses. While we should be very reluctant to overturn a
> past "good" classification I don't see any other option here.
> But there is a usage exception that says versions of Nmap covered by
> this license can continue to be included in Fedora Linux indefinitely.
> (I thought of limiting it to a couple of releases.)
> 
> 2. LicenseRef-NPSL-0.92: not-allowed
> Related issue: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/542
> 
> This was "NPSL" (on the "bad" list) prior to the migration to SPDX
> identifiers. See:
> https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx/thread/GZIDC4DHXZP67LFU7P2OT2AQVDJRHZ2M/
> It was mistakenly imported into fedora-license-data as `LicenseRef-NPSL-0.94`.
> 
> 3. LicenseRef-NPSL-0.93: not-allowed
> Related issues:
> https://gitlab.com/fedora/legal/fedora-license-data/-/issues/541
> https://gitlab.com/fedora/legal/fedora-license-data/-/issues/540
> 
> This covers the multiple versions of Nmap licenses labeled as "Version
> 0.93" and "Version 0.94"

Looking at Fedora now we have nmap-7.95 in Fedora 40 as an update and it has:

    License: LicenseRef-NPSL-0.94

The exception is only for LicenseRef-Nmap and not these NPSL variants, right?  Which means nmap will have to be removed?

> 
> 4. LicenseRef-NPSL-0.95: not-allowed
> Related issue: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/539
> 
> This covers the multiple versions of Nmap licenses labeled as "Version 0.95".
> 
> Other relevant issues:
> https://github.com/nmap/nmap/issues/2199
> https://gitlab.com/fedora/legal/fedora-license-data/-/issues/147
> https://bugs.gentoo.org/749390
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972216
> https://lists.gnu.org/archive/html/guix-devel/2020-10/msg00227.html
> https://github.com/NixOS/nixpkgs/issues/105119
> https://labs.parabola.nu/issues/2966
> https://bugzilla.opensuse.org/show_bug.cgi?id=1211571
> 
> Richard
> 

-- 
David Cantrell <dcantrell@xxxxxxxxxx>
Red Hat, Inc. | Boston, MA | EST5EDT

-- 
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux