lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Ybs/h3WAY3FFVC4/@kroah.com>
Date:   Thu, 16 Dec 2021 14:30:47 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Lukas Bulwahn <lukas.bulwahn@...il.com>
Cc:     Cai Huoqing <caihuoqing@...du.com>,
        Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-spdx@...r.kernel.org
Subject: Re: [PATCH v3] LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid
 identifiers

On Thu, Dec 16, 2021 at 02:28:10PM +0100, Lukas Bulwahn wrote:
> On Thu, Dec 16, 2021 at 2:17 PM Greg Kroah-Hartman
> <gregkh@...uxfoundation.org> wrote:
> >
> > On Thu, Dec 16, 2021 at 08:30:14PM +0800, Cai Huoqing wrote:
> > > On 16 12月 21 13:17:35, Mauro Carvalho Chehab wrote:
> > > > Some files have been flagged with the new LGPL-2.1-or-later
> > > > identifier which replace the original LGPL-2.1+ in the SPDX license
> > > > identifier specification, but the identifiers are not mentioned as
> > > > valid in the LGPL-2.1 license file.
> > > >
> > > > Add it, together with the LGPL-2.1-only at the the license file.
> > > >
> > > > Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@...nel.org>
> > > > ---
> > > >  LICENSES/preferred/LGPL-2.1 | 2 ++
> > > >  1 file changed, 2 insertions(+)
> > > >
> > > > diff --git a/LICENSES/preferred/LGPL-2.1 b/LICENSES/preferred/LGPL-2.1
> > > > index 27bb4342a3e8..b73f9b6230f5 100644
> > > > --- a/LICENSES/preferred/LGPL-2.1
> > > > +++ b/LICENSES/preferred/LGPL-2.1
> > > > @@ -1,5 +1,7 @@
> > > >  Valid-License-Identifier: LGPL-2.1
> > > > +Valid-License-Identifier: LGPL-2.1-only
> > > >  Valid-License-Identifier: LGPL-2.1+
> > > > +Valid-License-Identifier: LGPL-2.1-or-later
> > > >  SPDX-URL: https://spdx.org/licenses/LGPL-2.1.html
> > > The URL is deprecated, do we need to update it together.
> >
> > No.
> >
> > > The same, GPL-2.0, LGPL-2.0
> >
> > Again, no.  We are using an older version of the SPDX specification,
> > this is fine.
> >
> 
> Mauro's patch just makes sure that spdxcheck.py does not complain
> about the SPDX License Identifiers from SPDX spec v2 and from v3. It
> really does not deprecate anything or implies that everything in the
> kernel needs to move to v3 (which might really be some crazy
> disturbing refactoring effort without a lot of gain), but it allows
> developers that want to use the tags from SPDX spec v3 can do so.
> 
> I would assume making the kernel/a tool in the kernel supporting
> something more while being backwards-compatible is the standard way we
> work... So, Greg, this patch is fine to be included, right?

Yes, this patch is fine, I will queue it up in a bit, thanks!

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ