[clamav-users] Planned Addition Of OpenSSL Dependency

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Tue Mar 18 14:51:46 EDT 2014



On 03/12/14 14:13, Scott Kitterman wrote:
> http://www.clamav.net/lang/en/2014/02/22/introducing-openssl-as-a-dependency-to-clamav/
> 
> I just noticed this.  I do the clamav packages for Debian/Ubuntu.  Adding the 
> dependency is fine from a technical perspective, but there is, at least 
> currently, a licensing concern.  The OpenSSL license is not GPL compatible and 
> the policy in Debian/Ubuntu is that OpenSSL is not covered by the GPL system 
> library exception.
> 
> There is a good discussion of it here:
> 
> https://people.gnome.org/~markmc/openssl-and-the-gpl.html
> 
> 
Sounds funny to me that it says "A much safer option is to use either the GNU
TLS or Mozilla NSS library."

Recently there was an update to gnutls3, which has a new dependency for
libunbound.so. Where to install the unbound package, there is a dependency for
OpenSSL-1.0.1f.  Which I don't want getting installed on my system, so I
deleted the (one) package that had introduced gnutls3....

All the other packages that want gnutls use the 2.x version.

-- 
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally



More information about the clamav-users mailing list