Feeds

Debian components breach terms of GPLv2

You want source code with that?

Mobile application security vulnerability report

A top Debian contributor has been left "pretty disappointed" by elements of the Debian community for failing to comply with the conditions of the GNU GPLv2 license.

Daniel Baumann, who maintains the Debian Syslinux bootloader package, has said Debian components were being released only in binary form without source code - resulting in problems for Apple Macintosh users.

"I don't want to blame individual persons," Baumann said. "This is just a note of how disappointed I'm about some parts of Debian that are not complying to licenses when it comes to distributing software."

One problem concerns Debian CD - the toolkit used to build new versions of Debian for public release. Baumann found the toolkit was using an embedded binary version of Syslinux rather than taking a full version with source code from the official Debian archive. Another instance involved the Sarge release of Debian that shipped with Syslinux 2.04 in binary and Syslinux 2.11 in source.

Baumann also found that source code for some components was missing from last November's beta version of KDE 4 - although this has now been removed from the Debian Live CDs distribution list.

The problem of synchronizing source and binary versions of Debian packages affected some Apple users last week when they tried to install the first beta release of the Lenny, the latest version Debian. Some users found their keyboard freezing up as a result of the wrong binary-only version of Syslinux being included in the package. In this case the current archive version of Syslinux (3.71) did not work - while an earlier version (3.63) embedded in Debian Installer worked fine.

Baumann has acknowledged that the problem is most likely the result of the increasingly heavy workload faced by the Debian community and the growing popularity of Debian-based Linux distros.

"It appears that as good as our package checks are, we spend little to no time to check our resulting products made from these packages," Baumann said.®

The Essential Guide to IT Transformation

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.