Description of problem: azureus implements elliptic curve cryptography (ECC), which is patented and therefore not allowed to be included in Fedora. See bug #319901 for detailed discussion about ECC in OpenSSL package. Version-Release number of selected component (if applicable): 1.46-10 Steps to Reproduce: 1. unpack package sources 2. grep -i -r elliptic
(In reply to Mikolaj Izdebski from comment #0) > Version-Release number of selected component (if applicable): > 1.46-10 Version should be 5.0.0.0-2
This may now be a non-issue. See bug #319901. CC'ing Tom.
as recommended in bug #1019390 this is not a bug anymore , closing
JFTR: After removed bundled libs rm -fR org/apache rm -fR org/bouncycastle rm -fR org/json result of: grep -i -r elliptic is nothing All elliptic curve cryptography (ECC) are in org/bouncycastle , so this package with or without elliptic curve cryptography in Fedora / Redhat is safe . Further investigation: cd com/aelitis/azureus/core/security/ grep -r ECName CryptoECCUtils.java:import org.bouncycastle.jce.ECNamedCurveTable; CryptoECCUtils.java:import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; CryptoECCUtils.java: private static final ECNamedCurveParameterSpec ECCparam = ECNamedCurveTable.getParameterSpec("prime192v2") Azureus use prime192v2 from bouncycastle .