Red Hat Bugzilla – Bug 162464
[ipr] Unclear licensing for some krb5 (Kerberos) files
Last modified: 2007-11-30 17:07:07 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.7.8) Gecko/20050512 Red Hat/1.0.4-1.4.1 Firefox/1.0.4
Description of problem:
The source RPM of krb5 (at least on version 1.2.7) contains six (06) files with an unclear (possibly questionable) licensing:
Copyright (c) 1990 Dennis Ferguson. All rights reserved.
Commercial use is permitted only if products which are derived from
or include this software are made available for purchase and/or use
in Canada. Otherwise, redistribution and use in source and binary
forms are permitted.
This may be a concern for some OEM vendors shipping Red Hat Enterprise Linux.
Version-Release number of selected component (if applicable):
Checked on 1.2.7-28 (should apply to all versions)
Steps to Reproduce:
On Red Hat Enterprise Linux 3 (possibly other releases)
1. up2date --get-source up2date --get-source krb5-libs
2. rpm -Uvh /var/spool/up2date/krb5-1.2.7-28.src.rpm
3. cd /usr/src/redhat/SPECS/
4. rpmbuild -bp krb5.spec
5. cd /usr/src/redhat/BUILD/krb5-1.2.7/
6. View src/lib/crypto/des/f_cksum.c, src/lib/crypto/des/f_sched.c, src/lib/crypto/des/f_tables.c, src/lib/crypto/des/f_tables.h and src/lib/des425/pcbc_encrypt.c
Actual Results: An unclear (possibly legally questionable) usage and distribution license.
Expected Results: A clearer licensing (GPL?) for usage and distribution.
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.