Review: openbabel 3.2.0+dfsg-1~exp
New Package Report
.changes
| Source | openbabel |
|---|---|
| Version | 3.2.0+dfsg-1~exp |
| Changed-By | Andrius Merkys |
| Architecture | source amd64 all |
| Distribution | experimental |
| Date | Wed, 27 May 2026 03:58:19 -0400 |
Changelog
openbabel (3.2.0+dfsg-1~exp) experimental; urgency=medium
.
* New upstream release (Closes: #1059277, #1116462, #1129566)
[CVE-2022-37331, CVE-2022-41793, CVE-2022-42885, CVE-2022-43467,
CVE-2022-43607, CVE-2022-44451, CVE-2022-46280, CVE-2022-46289,
CVE-2022-46290, CVE-2022-46291, CVE-2022-46292, CVE-2022-46293,
CVE-2022-46294, CVE-2022-46295, CVE-2025-10994, CVE-2025-10995,
CVE-2025-10996, CVE-2025-10997, CVE-2025-10998, CVE-2025-10999,
CVE-2025-11000, CVE-2026-2704, CVE-2026-2705, CVE-2026-3408].dsc
| Priority | optional |
|---|---|
| Component | main |
| Package-List | libchemistry-openbabel-perl deb perl optional arch=any libopenbabel-dev deb libdevel optional arch=any libopenbabel-doc deb doc optional arch=all libopenbabel8 deb libs optional arch=any openbabel deb science optional arch=any openbabel-gui deb science optional arch=any python3-openbabel deb python optional arch=any |
| Section | perl |
debian/copyright
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: Open Babel
Upstream-Contact: Geoffrey R. Hutchison <babel@geoffhutchison.net>
Source: https://github.com/openbabel/openbabel
License: GPL-2
Comment: This package was debianized by Michael Banck <mbanck@gmx.net> on
Wed, 28 Nov 2001 23:25:19 +0100. It is currently maintained by the
debichem team <debichem-devel@lists.alioth.debian.org>.
Files-Excluded:
include/inchi
include/libxml
scripts/csharp
src/formats/libinchi
Files: *
Copyright: 1998-2003 by OpenEye Scientific Software, Inc.
2000-2012, Geoffrey R. Hutchison
2004-2011, Chris Morley
2006-2012, Tim Vandermeersch
Portions Copyright (ordered alphabetically):
Adrià Cereto-Massagué 2012
Albert DeFusco 2011
Alex M. Clark 2002-2006
Alex Ustinov 2019
ALTANA PHARMA AG 2003-2005
Andrei Gakh 2007, 2008
Barry Moore 2012
Ben Bucior 2018
Benoit Jacob 2006, 2009
Casper Steinmann 2013
Craig A. James, eMolecules Inc 2005-2007, 2009
Culgi B. V. 2011-2019
Daniel Mansfield 2007
Dagmar Lenk 2014
David R. Koes 2015, 2019
David Lonie 2009, 2010
David van der Spoel 2015
Dirk Toewe 2016-2019
Donald E. Curtis 2006
Elmar Krieger 2002-2006
Fabien Fontaine 2003
Frank Peters 2009
Fredrik Wallner 2006
Gerde Menche 2007
Grupo de NanoMateriales 2012
International Union of Pure and Applied Chemistry (IUPAC) 2005
James Kanze 1998
Jean Bréfort 2007-2011
Jens Thomas 2008-2010
Jeremy W. Murphy 2010
Jiahao Chen 2010
Joerg Kurt Wegner 2010
Joerg-Ruediger Hill 1999
Kasper Peeters 2001-2009
Kirill Okhotnikov 2014
Konstantin L. Tokarev 2009, 2010
M. J. Harvey, Acellera Ltd 2015
Maciej Wojcikowski 2013
Marcus D. Hanwell 2008
Materials Design, Inc. 2012
Mathias Laurin 2014
Matt Swain 2013, 2017-2018
Maxim Fedorovsky 2007
Michael Banck 2003, 2004, 2009, 2011
Mike N. Burnett 2007
NextMove Software 2012, 2013, 2016, 2019
Nick England 2005
Noel M. O'Boyle 2008-2018
Oliver Weichold 1996-2002
Pat Lorton 2019
Patrick Fuller 2013
Patrick S. Avery 2015, 2018
Pawel Wolinski 2003
Rational Discovery LLC 2003-2006
Reinis Danne 2010
Sangwoo Shim 2006
Scarlet Line 2007-2008
Schrodinger Inc. 2013, 2016, 2019
Sergei V. Trepalin 2007, 2008
Serguei Patchkovskii 1996, 2003
Siemens and/or its affiliates 2025
Silicos NV 2005-2010
Stefan Kebekus 2002
Steffen Reith 1996-2002
Stuart Armstrong of Source Science 2010
Swiss National Supercomputing Centre (CSCS) 2006, 2007
Torsten Sachse 2016
University of Fribourg (Switzerland) 2007
University of Tuebingen, Germany 2001-2005
Vincent Favre-Nicolin 2006, 2009
Yixuan Qiu 2016-2019
License: GPL-2
Comment: Some files are licensed, such that you can redistribute them and/or
modify them under the terms of the GNU General Public License (GPL) as
published by the Free Software Foundation, ; either version 2 of the License,
or (at your option) any later version.
Files: data/SMARTS_InteLigand.txt
Copyright: 2005, Inte:Ligand Software-Entwicklungs und Consulting GmbH
License: LGPL-3
Files: src/formats/xml/iconv.h include/iconv.h
Copyright: 1999-2003 Free Software Foundation, Inc.
License: LGPL-2+
Files: src/strncasecmp.c
Copyright: 1998, 1999 Free Software Foundation, Inc
License: GPL-2+
Files: tools/getopt.*
Copyright: 1987-2001 Free Software Foundation, Inc
License: LGPL-2.1+
Files: src/formats/ArrayList.*
Copyright: 2006-2008 by Scientific Computing and Modelling NV
License: LGPL-2 or LGPL-2.1 or LGPL-3
Files: src/zipstreamimpl.h src/zipstream.h
Copyright: 2003, Jonathan de Halleux.
2003, Andreas Zieringer.
2005, Geoffrey Hutchison.
License: Zlib
Files: include/zlib.h include/zconf.h
Copyright: 1995-2005, Jean-loup Gailly and Mark Adler
License: Zlib
Files: src/formats/smiley.h
Copyright: 2012, Tim Vandermeersch
License: BSD-3-Clause
Files: cmake/modules/FindEigen3.cmake
Copyright: 2006, 2007, Montel Laurent
2008, 2009, Gael Guennebaud
2009, Benoit Jacob
License: BSD-2-Clause
Files: cmake/modules/FindInchi.cmake
Copyright: 2010, Marcus D. Hanwell
License: BSD-3-Clause
Files: cmake/modules/UsePythonTest.cmake
Copyright: 2006-2010, Mathieu Malaterre
License: BSD-3-Clause
Files: cmake/modules/FindCairo.cmake
Copyright: 2007, 2010, Pino Toscano
License: BSD-3-Clause
Files: scripts/perl/inc/Devel/CheckLib.pm
Copyright: 2007, David Cantrell
2007, David Golden
License: Perl
This module is free-as-in-speech software, and may be used, distributed,
and modified under the same conditions as perl itself.
Files: src/snprintf.c
Copyright: 1999-2002, Mark Martinec
License: Artistic or GPL
This program is free software; it is dual licensed, the terms of
the "Frontier Artistic License" or the "GNU General Public
License" can be chosen at your discretion. The chosen license
then applies solely and in its entirety.
.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty
of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the Frontier Artistic License for more details.
.
You should have received a copy of the Frontier Artistic License
with this Kit in the file named LICENSE.txt .
If not, I'll be glad to provide one.
Files: data/MACCS.txt
Copyright: 2001-2008, Greg Landrum and Rational Discovery LLC
License: BSD-3-Clause
Files: debian/*
Copyright: 2002-2012 Michael Banck <mbanck@debian.org>
2007-2012 Daniel Leidert <dleidert@debian.org>
License: GPL-2+
License: GPL-2
On Debian systems the complete text of the GNU General Public License
version 2 can be found in the file `/usr/share/common-licenses/GPL-2'.
License: GPL-2+
On Debian systems the complete text of the GNU General Public License
version 2 can be found in the file `/usr/share/common-licenses/GPL-2'.
License: LGPL-2
On Debian systems the complete text of the GNU Lessser General Public
License 2 can be found in the file `/usr/share/common-licenses/LGPL-2'.
License: LGPL-2+
On Debian systems the complete text of the GNU Lessser General Public
License 2 can be found in the file `/usr/share/common-licenses/LGPL-2'.
License: LGPL-2.1
On Debian systems the complete text of the GNU Lessser General Public
License 2.1 can be found in the file `/usr/share/common-licenses/LGPL-2.1'.
License: LGPL-2.1+
On Debian systems the complete text of the GNU Lessser General Public
License 2.1 can be found in the file `/usr/share/common-licenses/LGPL-2.1'.
License: LGPL-3
On Debian systems, the complete text of the GNU Lesser General Public
License can be found in "/usr/share/common-licenses/LGPL-3".
License: Zlib
This software is provided 'as-is', without any express or implied warranty. In
no event will the authors be held liable for any damages arising from the use
of this software.
.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it freely,
subject to the following restrictions:
.
1. The origin of this software must not be misrepresented; you must not claim
that you wrote the original software. If you use this software in a
product, an acknowledgment in the product documentation would be
appreciated but is not required.
.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
.
3. This notice may not be removed or altered from any source distribution
License: BSD-3-Clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the University nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
License: BSD-2-Clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
.
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Review Information
accepted — allocated to awm 17 days ago, started 17 days ago, completed 16 days ago.
Final Comment
Hi,
Some notes from my review which it would be good if you could fix on your
next upload...
There seem to be three authors missing from the credits list in debian/copyright - see full notes for list.
The license listed as 'Artistic' is a variant of the original Artistic license known as the "Frontier Artistic License". The differences are subtle and it doesn't affect it's DFSG status, but renaming it would be clearer - ideally the full license text for each license should be included in the debian/copyright too.
The license listed as 'Perl' appears to be an upgradable grant which should mean that it is licensed under the Artistic-2.0 license, since that is the terms under which "Perl" is currently licensed.
Thanks!
Full text of Frontier Artistic License below.
THE FRONTIER ARTISTIC LICENSE Version 1.0
Copyright © (c) 1999 by Samuel Reynolds.
Derived from the "Artistic License" at "OpenSource.org".
Submitted to OpenSource.org for Open Source Initiative certification.
PREAMBLE
The intent of this document is to state the conditions under which a
Package may be copied, such that the Copyright Holder maintains some
semblance of artistic control over the development of the package,
while giving the users of the package the right to use and distribute
the Package in a more-or-less customary fashion, plus the right to
make reasonable modifications.
DEFINITIONS
o "Package" refers to the script, suite, file, or collection of scripts,
suites, and/or files distributed by the Copyright Holder, and to
derivatives of that Package created through textual modification.
o "Standard Version" refers to such a Package if it has not been
modified, or has been modified in accordance with the wishes of the
Copyright Holder.
o "Copyright Holder" is whoever is named in the copyright statement or
statements for the package.
o "You" is you, if you're thinking about copying or distributing this
Package.
o "Reasonable copying fee" is whatever you can justify on the basis of
media cost, duplication charges, time of people involved, and so on.
(You will not be required to justify it to the Copyright Holder, but
only to the computing community at large as a market that must bear the
fee.)
o "Freely Available" means that no fee is charged for the item itself,
though there may be fees involved in handling the item. It also means
that recipients of the item may redistribute it under the same
conditions they received it.
TERMS
-
You may make and give away verbatim copies of the source form of the
Standard Version of this Package without restriction, provided that you
duplicate all of the original copyright notices and associated disclaimers. -
You may apply bug fixes, portability fixes, and other modifications
derived from the Public Domain or from the Copyright Holder. A Package
modified in such a way shall still be considered the Standard Version. -
You may otherwise modify your copy of this Package in any way, provided
that you insert a prominent notice in each changed script, suite, or file
stating how and when you changed that script, suite, or file, and provided
that you do at least ONE of the following:a) Use the modified Package only within your corporation or
organization, or retain the modified Package solely for personal use.b) Place your modifications in the Public Domain or otherwise make them
Freely Available, such as by posting said modifications to Usenet or an
equivalent medium, or placing the modifications on a major archive site
such as ftp.uu.net, or by allowing the Copyright Holder to include your
modifications in the Standard Version of the Package.c) Rename any non-standard executables so the names do not conflict
with standard executables, which must also be provided, and provide a
separate manual page (or equivalent) for each non-standard executable
that clearly documents how it differs from the Standard Version.d) Make other distribution arrangements with the Copyright Holder.
-
You may distribute the programs of this Package in object code or
executable form, provided that you do at least ONE of the following:a) Distribute a Standard Version of the executables and library files,
together with instructions (in the manual page or equivalent) on where
to get the Standard Version.b) Accompany the distribution with the machine-readable source of the
Package with your modifications.c) Accompany any non-standard executables with their corresponding
Standard Version executables, give the non-standard executables
non-standard names, and clearly document the differences in manual
pages (or equivalent), together with instructions on where to get the
Standard Version.d) Make other distribution arrangements with the Copyright Holder.
-
You may charge a reasonable copying fee for any distribution of this
Package. You may charge any fee you choose for support of this Package.
You may not charge a fee for this Package itself. However, you may
distribute this Package in aggregate with other (possibly commercial)
programs as part of a larger (possibly commercial) software distribution
provided that you do not advertise this Package as a product of your own. -
The scripts and library files supplied as input to or produced as
output from the programs of this Package do not automatically fall under
the copyright of this Package, but belong to whomever generated them, and
may be sold commercially, and may be aggregated with this Package. -
Scripts, suites, or programs supplied by you that depend on or
otherwise make use of this Package shall not be considered part of this
Package. -
The name of the Copyright Holder may not be used to endorse or promote
products derived from this software without specific prior written
permission. -
THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Public Notes
Missed Author Check
Command: dnq author-check -prepare
Exit code: 0
Author check: scanned 37458 files.
NOT IN debian/copyright (3):
Carnegie Mellon
test/files/fuzz_regress/methane-pointgroup.g09:13
Gaussian, Inc.
test/files/fuzz_regress/methane-pointgroup.g09:10
test/files/fuzz_regress/methane-pointgroup.g09:11
test/files/fuzz_regress/methane-pointgroup.g09:12
test/files/fuzz_regress/methane-pointgroup.g09:7
test/files/fuzz_regress/methane-pointgroup.g09:8
... and 1 more file
GNM http://www.gnm.cl
src/formats/lpmdformat.cpp:2
Result: ATTENTION REQUIRED — 3 authors not in debian/copyright
Lintian
Command: lintian -Iiv -L '>=warning' --show-overrides --color=never ../$(basename $PWD)_*.changes
Exit code: 0
N:
W: libopenbabel8: national-encoding [usr/share/openbabel/3.2.0/ghemical.prm]
N:
N: A file is not valid UTF-8.
N:
N: Debian has used UTF-8 for many years. Support for national encodings is
N: being phased out. This file probably appears to users in mangled
N: characters (also called mojibake).
N:
N: Packaging control files must be encoded in valid UTF-8.
N:
N: Please convert the file to UTF-8 using iconv or a similar tool.
N:
N: Visibility: warning
N: Show-Always: no
N: Check: files/encoding
N: Renamed from: national-encoding-in-text-file
N: debian-changelog-file-uses-obsolete-national-encoding
N: debian-control-file-uses-obsolete-national-encoding
N: debian-copyright-file-uses-obsolete-national-encoding
N: debian-news-file-uses-obsolete-national-encoding
N: debian-tests-control-uses-national-encoding
N: doc-base-file-uses-obsolete-national-encoding
N: national-encoding-in-debconf-template national-encoding-in-manpage
N:
Licenserecon
Command: lrc -s
Exit code: 3
en: Versions: licenserecon '17.0' licensecheck '3.3.9-1'
Parsing Source Tree ....
Reading d/copyright ....
Running licensecheck ....
d/copyright | licensecheck
GPL-2 | public-domain data/chemdrawcdx.h
LGPL-3 | LGPL data/SMARTS_InteLigand.txt
GPL-2 | GPL doc/FAQ.html
GPL-2 | public-domain include/chemdrawcdx.h
GPL-2 | GPL-2 and/or LGPL include/openbabel/inchiformat.h
GPL-2 | GPL-2+ include/openbabel/isomorphism.h
GPL-2 | GPL-2 and/or GPL-3+ include/openbabel/tree/tree.hh
GPL-2 | GPL pyproject.toml
GPL-2 | GPL-2+ src/formats/adfformat.cpp
LGPL-2 or LGPL-2.1 or LGPL-3| LGPL-2 or LGPL-3 src/formats/ArrayList.c
GPL-2 | GPL-2+ src/formats/gausscubeformat.cpp
GPL-2 | GPL-2 and/or LGPL src/formats/inchiformat.cpp
GPL-2 | GPL-2+ src/formats/MNAformat.cpp
GPL-2 | public-domain test/files/1519159.cif
GPL-2 | Apache-2.0 test/fuzz/FuzzedDataProvider.h
Short option in use. Not all differences shown
License Check
Command: dnq license-check -prepare
Exit code: 0
License check [main]:
Found 13 unique license identifier(s) in debian/copyright:
COMPATIBLE (12):
Artistic [Artistic License 1.0]
BSD-2-Clause
BSD-3-Clause
GPL
Please make an effort to review the license and discover which version of the
GPL this is, and whether the licensing permits use of later versions of the
GPL at the user's option. I.e. is this "GPL-1+
GPL-2
GPL-2+ [GPL-2 or later; compatible with Apache-2.0 via GPL-3]
LGPL-2
LGPL-2+ [LGPL-2 or later]
LGPL-2.1
LGPL-2.1+ [LGPL-2.1 or later]
LGPL-3
Zlib
UNKNOWN (not in DFSG license database):
Perl (manually verify DFSG compatibility)
Result: ATTENTION REQUIRED
- 1 unrecognized license(s) require manual review