RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1418917 - Non free files in Chromium
Summary: Non free files in Chromium
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: chromium-browser
Version: 6.10
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Tomas Popela
QA Contact: Tomas Pelka
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-02-03 07:16 UTC by Brigham Keys
Modified: 2017-12-06 11:05 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-06 11:05:53 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Brigham Keys 2017-02-03 07:16:33 UTC 
Description of problem:
There are unlicensed (non free) files within Chromium, they are listed here in this Lintian page
https://lintian.debian.org/maintainer/pkg-chromium-maint@lists.alioth.debian.org.html#chromium-browser
Some of the files look innocent like

    third_party/catapult/tracing/third_party/d3/d3.min.js

I know that file is BSD licensed because I use d3 for my day job. But others seem a bit more heinous such as

    third_party/analytics/google-analytics-bundle.js line length is 525 characters (>512)

Should probably be no where near the Fedora repositories. There is a fork of Chromium called ungoogled-chromium which has some involvement as well I believe

https://github.com/Eloston/ungoogled-chromium

Version-Release number of selected component (if applicable):
55

Additional info:
Pipermail in the Parabola mailing list
https://www.mail-archive.com/gnu-linux-libre@nongnu.org/msg02203.html
We should also report bugs in QtWebEngine as well because it depends on Chromium, which contains non free files.
Comment 3 Tom "spot" Callaway 2017-02-09 16:41:58 UTC 
There is so much noise in those threads (some of them dating back to 2009). I looked through the current Lintian report and checked all of those files in the latest stable Chromium tree and without any exception, they're either not in the Fedora build (we nuke a lot of unused bundled "third_party" code) or they're clearly under a Free license. A few of the files are minified, but the upstreams have the unminified code.

e.g. https://github.com/GoogleChrome/chrome-platform-analytics

I'm not passing judgement on the morality or ethics of Google's javascript choices, but I do not see any non-Free files in the Lintian list.

If there are specific files which you (or anyone) feels to be non-free, please feel free to point it out.
Comment 4 Brigham Keys 2017-02-13 20:00:13 UTC 
Perhaps we can notify Chromium upstream about these non free files, even though they are not included in the RH distributions.
Comment 5 Tom "spot" Callaway 2017-02-13 20:07:00 UTC 
I'm sorry, I was unclear. I did not find _any_ non-free files. There are files which Fedora removes which are in the Debian Lintian report, but we do not remove them because they are non-free, but because we do not use them in the compile.
Comment 6 Brigham Keys 2017-02-13 20:08:40 UTC 
What about the file
    third_party/analytics/google-analytics-bundle.js line length is 525 characters (>512)
That was in the lintian report? I thought google analytics was completely non free?
Comment 7 Tom "spot" Callaway 2017-02-13 20:17:59 UTC 
(In reply to Brigham Keys from comment #6)
> What about the file
>     third_party/analytics/google-analytics-bundle.js line length is 525
> characters (>512)
> That was in the lintian report? I thought google analytics was completely
> non free?

I don't know why you think that. It's Apache 2.0, as referenced by the upstream home for google-analytics-bundle.js: https://github.com/GoogleChrome/chrome-platform-analytics
Comment 8 Tomas Popela 2017-02-14 08:27:39 UTC 
(In reply to Brigham Keys from comment #4)
> Perhaps we can notify Chromium upstream about these non free files, even
> though they are not included in the RH distributions.

I think that Debian should be the one who should open the upstream bug to let the Chromium developers know about the situation. But that should happened few months (years) ago when the spotted it. I asked them[0] if they've done so, but without any answer yet.

[0] - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787527
Comment 9 Jan Kurik 2017-12-06 11:05:53 UTC 
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.

The official life cycle policy can be reviewed here:

http://redhat.com/rhel/lifecycle

This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:

https://access.redhat.com/
Note You need to log in before you can comment on or make changes to this bug.