All Projects

Project  ascCategoryTask TypePrioritySeveritySummaryStatusProgress
PackagesAnyBackport RequestVery LowMediumNo Resource Url Leak for IceapeUnconfirmed
0%
Task Description

1.2.4 version would be nice for Iceape.

PackagesAnyBackport RequestVery LowLowUblock Origin for IceapeIn Progress
90%
Task Description

The version I desire is this: 1.16.4.6

PackagesAnyBackport RequestVery LowVery LowIcetray for Iceape-uxpAssigned
0%
Task Description

This already works for it, but I just thought I would request it to be put in.

PackagesAnyFreedom IssueVery LowLowEnigmail for IceapeUnconfirmed
0%
Task Description

this would be appreciated greatly, although I am in no hurry.

PackagesAnyFreedom IssueVery LowMedium[mongodb] needs OpenRC init scriptUnconfirmed
0%
Task Description

Description:
needs OpenRC init script

Additional info:
* mongodb-3.4.3-1

PackagesAnyBug ReportLowHigh[kaccounts-integration] option to add NextCloud/OwnClou...Unconfirmed
0%
Task Description

Description:

  • Option to add NextCloud/OwnCloud accounts in ‘Online Accounts’ section of System Settings not appearing.

Additional info:
* package version(s)

  • 17.04.0-1

* config and/or log files etc.

  • N/A

Steps to reproduce:

  • Run application
  • Go to ‘Online Accounts’ section of System Settings
PackagesAnyBug ReportLowHigh[kdenetwork-kopete] clicking to add an Jabber Account o...Unconfirmed
0%
Task Description

Description:

  • Clicking to add an Jabber Account opens a dialog with no fields to enter information.

Additional info:
* package version(s)

  • 17.04.0-3.hyperbola1

* config and/or log files etc.

  • N/A

Steps to reproduce:

  • Run Application
  • Clicking to add an Jabber Account
PackagesAnyImplementation RequestVery LowMedium[midori] please re-add new releasesUnconfirmed
0%
Task Description

The security issues regarding the package which led to the package’s removal from Hyperbola (old WebKit and Vala dependency) have apparently been resolved in recent releases, see the new comment in this bug report and the latest PKGBUILD in Arch’s repo.

https://launchpad.net/bugs/1698483

https://www.archlinux.org/packages/community/x86_64/midori/

PackagesAnyPrivacy IssueVery LowLow[github] check github-related packagesResearching
0%
Task Description

We should check if the following packages run any non-free JS (like youtube-dl) or access a proprietary API:

- hub
- python-pygithub
- python2-pygithub

I haven’t check them, but they look fishy. Take it as a reminder, this is far from being urgent IMO.

PackagesAnyBug ReportLowHigh[xfce4-power-manager] locking session issueRequires Testing
90%
Task Description

I probably should’ve mentioned this before, but if it is set to suspend when lid is closed, it should automatically lock. if the security option: lock screen with system is set to sleep is tweaked on it doesn’t lock always.

This is word for word what I wrote in the forums, but yeah... it is a problem say if someone wants to use your laptop without your permission and can do so.

But it is also a problem if you set it to lock instead because it is more prone to overheating when your not using it, and it doesn’t suspend quickly enough.

I have tried this many times and the same story can be told, again and again.

I think this issue should be considered high or critical merely because of the privacy risk if someone gets their hands on your laptop while its on. Even if you have been away... :/

I wonder if anyone else has this issue... well you guys will tell me I am sure. if critical doesn’t match what you think I am sure you will change it. ;)

PackagesAnyBug ReportVery LowLowmarble-qt: doesn't look like a valid Marble plugin: "/...Unconfirmed
0%
Task Description

Description:

$ marble-qt –latlone=0.5,6.5
Ignoring to load the following file since it doesn’t look like a valid Marble plugin: “/usr/lib/marble/plugins/libWlocatePositionProviderPlugin.so” Reason: “Cannot load library /usr/lib/marble/plugins/libWlocatePositionProviderPlugin.so: (libwlocate.so: cannot open shared object file: No such file or directory)”

When package libwlocate is installed, it is not showing this error.

Shall that package be dependency?

PackagesAnyFreedom IssueVery LowHigh[gitlab] systemd reference & command not found during i...Unconfirmed
0%
Task Description

(14/14) installing gitlab [##############################] 100%
/tmp/alpm_bCqhHf/.INSTALL: line 2: systemd-tmpfiles: command not found

PackagesAnyImplementation RequestVery LowLow[qarte] add packageUnconfirmed
0%
Task Description

Request for :

qarte

“Allow you to browse into the archive of arte+7 & arteLiveWeb sites and to record your prefered videos.”

https://aur.archlinux.org/packages/qarte

License : GPL3

PackagesAnyFreedom IssueVery LowLowAdd Lumina DesktopUnconfirmed
0%
Task Description

A Desktop Enivronment mostly focused on BSD, but also one that is very lightweight and easily customized. Would love to see this desktop on Hyperbola and later whenever Emulatorman makes it, Hyperbola/GNU/HyperBK

https://github.com/lumina-desktop/lumina/releases

Version is the latest one in above link of stable.

PackagesAnyFeature RequestVery LowLowadd package powerkitUnconfirmed
0%
Task Description

https://github.com/rodlie/powerkit/releases

Version 1.0 requested

When you add Lumina desktop, add this package for sure. Although it is compatible with other desktops too. So it would be good to add it regardless.

PackagesAnyFeature RequestVery LowMediumAdd Draco DesktopUnconfirmed
0%
Task Description

https://github.com/rodlie/draco

its like Lumina Desktop, but its more lightweight and better for Gnu/Linux

:)

Matter of fact, I hope its okay, but the latest stable build, of Draco is vastly better than Lumina. And for this reason I wanted to know if you could put higher priority on this than the Lumina Desktop request.

PackagesAnyBug ReportVery LowMedium[ rtkit ] contains systemd unit filesUnconfirmed
0%
Task Description

Description:

The Arch version of tinc from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required or add OpenRC init scripts to replace it.

Additional info:

pacman -Ql rtkit
rtkit /etc/
rtkit /etc/dbus-1/
rtkit /etc/dbus-1/system.d/
rtkit /etc/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf
rtkit /usr/
rtkit /usr/bin/
rtkit /usr/bin/rtkitctl
rtkit /usr/lib/
rtkit /usr/lib/rtkit/
rtkit /usr/lib/rtkit/rtkit-daemon
rtkit /usr/share/
rtkit /usr/share/dbus-1/
rtkit /usr/share/dbus-1/interfaces/
rtkit /usr/share/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
rtkit /usr/share/dbus-1/system-services/
rtkit /usr/share/dbus-1/system-services/org.freedesktop.RealtimeKit1.service
rtkit /usr/share/licenses/
rtkit /usr/share/licenses/rtkit/
rtkit /usr/share/licenses/rtkit/COPYING
rtkit /usr/share/licenses/rtkit/LICENSE
rtkit /usr/share/man/
rtkit /usr/share/man/man8/
rtkit /usr/share/man/man8/rtkitctl.8.gz
rtkit /usr/share/polkit-1/
rtkit /usr/share/polkit-1/actions/
rtkit /usr/share/polkit-1/actions/org.freedesktop.RealtimeKit1.policy

* package version(s)
rtkit 0.11-1.hyperbola1

* config and/or log files etc.

Jun 26 10:41:50 gnu mtp-probe: checking bus 1, device 8: “/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.4”
Jun 26 10:41:50 gnu mtp-probe: bus: 1, device: 8 was not an MTP device
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu rtkit-daemon[3059]: Failed to look up client: No such file or directory
Jun 26 10:44:44 gnu pulseaudio[4401]: [pulseaudio] bluez5-util.c: GetManagedObjects() failed: org.freedesktop.DBus.Error.ServiceUnknown: The name org.bluez was not provided by any .service files

Steps to reproduce:

PackagesAnyBug ReportMediumHigh[notmuch-mutt] missing requirementResearching
0%
Task Description

Description:
notmuch-mutt fails to compile without perl-mail-message which is missing in Hyperbola

Steps to reproduce:
Install notmuch-mutt and try `notmuch-mutt` at the command line. Then install `perl-mail-message` from Arch and try again.

PackagesAnyFeature RequestVery LowMedium[minidlna] remove systemd file and add openrc supportUnconfirmed
0%
Task Description

Description:

minidlna lacks openrc support and includes a systemd file

Additional info: none

Steps to reproduce:

$ sudo pacman -S minidlna
$ cat /usr/lib/systemd/system/minidlna.service

PackagesAnyBug ReportVery LowMedium[clamtk] Gtk-WARNING **: Impossible to find the theme e...Assigned
0%
Task Description

Additional info:
* package version

Repositorio               : community
Nombre                    : clamtk
Versión                   : 5.24-1
Descripción               : Easy to use, light-weight, on-demand virus scanner for Linux
                            systems
Arquitectura              : any
URL                       : https://dave-theunsub.github.io/clamtk/
Licencias                 : GPL
Grupos                    : Nada
Provee                    : Nada
Depende de                : clamav  perl  gtk2-perl  perl-locale-gettext  perl-libwww
                            perl-http-message  perl-lwp-protocol-https  perl-text-csv
                            perl-json  python  zenity  desktop-file-utils  gnome-icon-theme
                            cron
Dependencias opcionales   : Nada
En conflicto con          : Nada
Remplaza a                : Nada
Tamaño de la descarga     : 179,90 KiB
Tamaño de la instalación  : 1378,00 KiB
Encargado                 : Levente Polyak <anthraxx@archlinux.org>
Fecha de creación         : sáb 19 nov 2016 20:25:20 -05
Validado por              : Suma MD5  Suma SHA-256  Firma

* config and/or log files etc.

$ clamtk
Gtk-WARNING **: Imposible encontrar el motor de temas en la ruta al _modulo: «clearlooks», at /usr/lib/perl5/vendor_perl/ClamTk/GUI.pm line 35.

Steps to reproduce:

* Install clamtk in all version

PackagesAnyBug ReportVery LowHighgroff: package not built with URW fonts properly or suc...Unconfirmed
0%
Task Description

Description:

groff is typesetting system similar to TeX/LaTeX however, it is very small and very usable. It is not built properly with URW fonts, or such are missing, I cannot know all details. Overall groff package is basically somehow broken.

It shall depend on proper fonts, and such fonts should already be built, including their Unicode versions.

Package is only partially built.

PackagesAnyImplementation RequestVery LowMedium[nnn] package requestUnconfirmed
0%
Task Description

This is a request to package nnn - a full-featured terminal file manager for low-end devices and the regular desktop.

nnn is available on Debian, Ubuntu (and family), Fedora, OpenSUSE and Arch Linux.

Homepage: https://github.com/jarun/nnn License: BSD 2-Clause

I would highly appreciate if nnn can be added to the repository.

PackagesAnyFreedom IssueVery LowLow[arm-unknown-linux-gnueabi-gcc] not working; needs prop...Unconfirmed
0%
Task Description

Description:
I believe the arm-unknown-linux-gnueabi-gcc package to be broken as described here.

Additional info:
* package version(s) - arm-unknown-linux-gnueabi-gcc - all versions

Steps to reproduce:
I don’t think “steps to reproduce” to be relevant in this case. My forum topic linked above already contains all the necessary info on the subject :) However, one could try compiling glibc and busybox as described here. Yes, these are instructions for debian-like systems. They have to be adapted accordingly

PackagesAnyImplementation RequestVery LowMediumSupport of MPTCP (Multipath TCP) on HyperbolaUnconfirmed
0%
Task Description

Patch for 4.9 : https://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

AUR : https://aur.archlinux.org/packages/linux-mptcp/

PackagesAnyImplementation RequestVery LowHighAdd MPTCP (MultiPath TCP) to HyperbolaUnconfirmed
0%
Task Description

https://aur.archlinux.org/packages/linux-mptcp/

Kernel Patch for 4.9 :
http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

Compile :
https://multipath-tcp.org/pmwiki.php/Users/DoItYourself

PackagesAnyImplementation RequestLowLow[opmsg] add new packageResearching
0%
Task Description

Description: opmsg is a replacement for gpg which can encrypt/sign/verify your mails or create/verify detached signatures of local files. Even though the opmsg output looks similar, the concept is entirely different.

Additional info:
https://aur.archlinux.org/packages/opmsg/

PackagesAnyImplementation RequestVery LowLow[xfce4-alsa-plugin] add packageUnconfirmed
0%
Task Description

Please add xfce4-alsa-plugin (to get rid of pulseaudio plugin on xfce)

License: GPL3

https://aur.archlinux.org/packages/xfce4-alsa-plugin/ https://github.com/equeim/xfce4-alsa-plugin

PackagesAnyBug ReportVery LowMedium[slim] login screen not displaying correctlyAssigned
0%
Task Description

It worked fine on the previous version of Hyperbola. The word user/username does not show up. A workaround is to wait 10 seconds and enter the username and click enter - then it will switch correctly to the password screen (otherwise you need to enter the username and password at least twice in order to successfully login).

PackagesAnyBug ReportVery LowMedium[openrc] cannot load fuse at bootUnconfirmed
0%
Task Description

I added
<quote>modules=”fs-fuse”</quote>
to /etc/conf.d/modules (and also “fuse” instead).

I looked in /var/log/rc.log and I see this line

<quote>modprobe: FATAL: Module fs-fusetun not found in directory /lib/modules/4.9.194-gnu-1-lts</quote>

It looks like modprobe added “tun” to the filename which prevents loading the module.

PackagesAnyBug ReportVery LowMedium[exfat-utils] filesystem can only be mounted manuallyUnconfirmed
0%
Task Description

One can mount exfat by running commands such as “sudo modprobe fuse” and “sudo mount.exfat /dev/sdc1 /mnt/storage” but it is inconvenient.

Also, loading fuse at startup is problematic - see here:

https://issues.hyperbola.info/index.php?do=details&task_id=1433

PackagesAnyFeature RequestMediumHigh[supervisor] contains systemd unit fileIn Progress
0%
Task Description

The Arch version of “supervisor” from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the a global ruleset for INIT-freedom, systemd unit files removal is required and adding support for other init-systems (preferred OpenRC for now) to replace it.

PackagesAnyBug ReportVery LowCritical[system-config-printer] Impossible to print some pdfs (...Assigned
0%
Task Description

Hello,

I’m unable to print some pdfs on my Hyperbola 3.0 system.
Some background :

cups is installed, service enabled and working
system-config-printer is installed and my printer has been correctly added.

I can print most pdfs and text files but recently with a pdf, it fails to print it.* And system-config-printer returned the following error (see capture) :

Printer "EPSON XP-620-Series" requires the '/usr/lib/cups/filters/epson-escpr-wrapper' but it is not currently installed.

Currently, “epson-escpr-wrapper” is installed but it is in :

/usr/libexec/cups/filters/epson-escpr-wrapper

Looking at source code of system-config-printer, it expects that wrapper to be installed in “/usr/lib/” so I tried to symlink that “epson-escpr-wrapper” to “/usr/lib/cups/filters” but it doesn’t work..

*With a Debian system and the exact same configuration, the “problematic” pdf prints just fine so it is not an issue with the pdf.

PackagesAnyUpdate RequestVery LowMedium[lmms] update package version to 1.2.0Unconfirmed
0%
Task Description

In the latest version, it has many more changes with new and improvement features, and fixes function issues since released as preview stage in every eight times per three years ago[1]. And also it is possible to rebuild package with sndio.

[1]: https://github.com/LMMS/lmms/releases/ (see all sections below from 1.2.0-RC1 to 1.2.0 in the version history releases)

PackagesAnyBug ReportVery LowHigh[rubyripper] GUI doesn't workUnconfirmed
0%
Task Description

rrip_gui does not work. The fix is to install cairo-gobject which is not in the repos. Attached is a working PKGBUILD adapted from the official one.

PackagesAnyImplementation RequestVery LowMedium[SPF][postfix] implement pypolicyd-spf and postfix-poli...Unconfirmed
0%
Task Description

Description:
Hyperbola has the following SPF implementations:
* libspf2
* perl-mail-spf
* perl-mail-spf-query

However, none of them work out of the box with postfix. There’s postfix-policyd-spf-perl, which uses one the current perl implementations (perl-mail-spf), takes no time to build and all the dependencies are already satisfied with Hyperbola’s packages

Here I made a PKGBUILD that’s compliant with the packaging standards:

pkgname=postfix-policyd-spf-perl
pkgver=2.011
pkgrel=1
pkgdesc='Postfix SPF policy engine, written in Perl'
arch=(i686 x86_64)
url='https://launchpad.net/postfix-policyd-spf-perl/'
license=(GPL)
depends=(perl-mail-spf perl-netaddr-ip perl-sys-hostname-long)
source=("https://launchpad.net/postfix-policyd-spf-perl/trunk/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('22fc00bf74912056a67e937a460ac1fd878f1cb1a3bfa7b19bc5f1e6bc1c36d815dcf8c945e818d242ed5e72a6295bb0e1569446e06b09aefb2842993b8016ba'
            'SKIP')
validpgpkeys=(E7729BFFBE85400FEEEE23B178D7DEFB9AD59AF1) # Scott Kitterman

package() {
  cd "${pkgname}-${pkgver}"

  install -Dm755 "${pkgname}" "${pkgdir}/usr/libexec/postfix/${pkgname}"
  install -Dm644 CHANGES INSTALL README -t "${pkgdir}/usr/share/doc/${pkgname}"
  install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

in the other hand, to give users the possibility of having more options, we could add pypolicyd-spf (AUR), which depends in pyspf (AUR) and other packages that Hyperbola has. In fact, ArchWiki talks about this implementation, but this might not be relevant.

PackagesAnyImplementation RequestVery LowLow[emacs-exwm] add packageAssigned
0%
Task Description

Some users use emacs as a tiling window manager. Please add EXWM[0]

[0]: https://github.com/ch11ng/exwm

PackagesAnyImplementation RequestVery LowLow[SafeEyes] add new packageAssigned
0%
Task Description

Safe Eyes is a program to manage breaks in front of the computer. It has many features that help us adapt it to our needs.

PackagesAnySecurity IssueMediumCritical[libjpeg-turbo] CVE-2019-2201Researching
0%
Task Description

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation

https://security-tracker.debian.org/tracker/CVE-2019-2201

Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388

PackagesAnyUpdate RequestVery LowHigh[mpv] request for package bumpUnconfirmed
0%
Task Description

Hello,

Would it be possible to get a package bump for mpv ?

Currently, Debian Buster (stable) uses 0.29.1-1. This would be great as it introduces many fixes and support for lua scripts I heavily use.
0.29.* requires a ffmpeg to 4.x series as well.

Thanks.

PackagesAnyFreedom IssueVery LowLow[gnome] Complete remval of desktop-environmentUnconfirmed
0%
Task Description

Description: As Gnome has decided against following libre, free principles the desktop-environment has becoming a risk for the privacy and freedom for users. Meaning that the desktop-environment with all basic packages should be removed. Of course the final decision is up to the community and the development-team. Followed up are more reasons for the insights:

* Bloated with questionable dependencies (including mandatory systemd)
* Using proprietary services as high risk for freedom and privacy for users (https://i.stack.imgur.com/yZcyV.png)
* Coming up with questionable and vague principles, against software-freedom in a whole (inclusion of flatpak and flathub as so-called standardization for distributions, discussions about proprietary software included within the software-center)

Additional info for packages:

gnome-backgrounds
gnome-calculator
gnome-contacts
gnome-control-center
gnome-dictionary
gnome-disk-utility
gnome-font-viewer
gnome-keyring
gnome-screenshot
gnome-session
gnome-settings-daemon
gnome-shell
gnome-shell-extensions
gnome-system-monitor
gnome-terminal
gnome-themes-standard
gnome-user-docs
gnome-user-share
grilo-plugins

PackagesAnySecurity IssueVery LowMediumDownload debian-fixes instead of relying on external so...Unconfirmed
0%
Task Description

It happened already with minetest and again with prosody: When trying to build own packages with makepkg there are patches downloaded from the Debian-project. But the given HTTP(S)-sources are no longer available, concrete example within prosody to be found: https://deb.debian.org/debian/pool/main/p/prosody/prosody_0.10.2-1~bpo9+1.debian.tar.xz (not available)

Please don’t rely on those external sources when creating PKGBUILD-files or just give users the possibility for a secure and granted download. Therefore I cannot build prosody on my own now!

PackagesAnyPrivacy IssueVery LowCritical[bleachbit] needs to be adapted to UXP applicationsAssigned
0%
Task Description

The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.

PackagesAnySecurity IssueVery LowCritical[unbound] Multiple CVEsAssigned
0%
Task Description

https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/

[Critical] https://security-tracker.debian.org/tracker/CVE-2019-18934

PackagesAnyBug ReportVery LowLowXenocara xbacklight bugUnconfirmed
0%
Task Description

When i try to set the brightness on my screen, with xbacklight -set 100,

it does this:

No outputs have backlight property

and it doesn’t really matter if I set it lower than 100 or what it currently is at.

Fix when you can please!

PackagesAnyBug ReportVery LowLowlightdm/lxdm bugUnconfirmed
0%
Task Description

It appears when I plug in my libreboot laptop x200 in, it appears to dim the screen and when its unplugged, the screen is bright again. Something peculiar is at work, I wondered if this could be fixed.

My assumption is it is related to lxdm or lightdm. Any thoughts?

I am currently using 0.4, so I don’t expect this to be a fast process, just when you get a chance okay?

PackagesAnyFreedom IssueVery LowLow[hedgewars] Crash when starting a new singleplayer-camp...Unconfirmed
0%
Task Description

When trying to start a new campaign the complete game-engine is crashing with the following message:

Object::disconnect: Unexpected null parameter
QCoreApplication::postEvent: Unexpected null receiver

As ghc and fpc should be removed in the near future it would be good to validate this or otherwise remove the game-package itself also.

PackagesAnySecurity IssueVery LowHigh[tigervnc] Multiple CVEResearching
0%
Task Description

https://www.openwall.com/lists/oss-security/2019/12/20/2

“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”

PackagesAnyBug ReportMediumHigh[gstreamer] needed rebuildIn Progress
70%
Task Description

(gst-plugin-scanner:17336): GStreamer-WARNING : Failed to load plugin ‘/usr/lib/gstreamer-1.0/libgstzbar.so’: libzbar.so.0: cannot open shared object file: No such file or directory
(gst-plugin-scanner:17336): GStreamer-WARNING
: Failed to load plugin ‘/usr/lib/gstreamer-1.0/libgstfluidsynthmidi.so’: libfluidsynth.so.1: cannot open shared object file: No such file or directory

Repositorio : extra
Nombre : gstreamer
Versión : 1.12.0-1
Descripción : GStreamer open-source multimedia framework core library
Arquitectura : x86_64
URL : https://gstreamer.freedesktop.org/ Licencias : LGPL Grupos : Nada
Provee : Nada
Depende de : libxml2 glib2 libunwind libcap libelf
Dependencias opcionales : Nada
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 1897,45 KiB
Tamaño de la instalación : 17241,00 KiB
Encargado : Jan Alexander Steffens (heftig) jan.steffens@gmail.com Fecha de creación : jue 04 may 2017 14:13:05 -05
Validado por : Suma MD5 Suma SHA-256 Firma

PackagesAnySecurity IssueVery LowCritical[opensmtpd] CVE-2020-8794Unconfirmed
0%
Task Description

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

Contents

Summary
Analysis
...
Acknowledgments

Summary

We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This
vulnerability, an out-of-bounds read introduced in December 2015 (commit
80c6a60c, “when peer outputs a multi-line response ...”), is exploitable
remotely and leads to the execution of arbitrary shell commands: either
as root, after May 2018 (commit a8e22235, “switch smtpd to new
grammar”); or as any non-root user, before May 2018.

Because this vulnerability resides in OpenSMTPD’s client-side code
(which delivers mail to remote SMTP servers), we must consider two
different scenarios:

- Client-side exploitation: This vulnerability is remotely exploitable

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

- Server-side exploitation: First, the attacker must connect to the

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

We developed a simple exploit for this vulnerability and successfully
tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the
first vulnerable release), Debian 10 (stable), Debian 11 (testing), and
Fedora 31.

The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”

PackagesAnyImplementation RequestVery LowMedium[chdkptp] please add package to control Canon camerasUnconfirmed
0%
Task Description

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.

Showing tasks 351 - 400 of 488 Page 8 of 10<<First - 6 - 7 - 8 - 9 - 10 -

Available keyboard shortcuts

Tasklist

Task Details

Task Editing