All Projects

ProjectCategoryTask TypePrioritySeverity  ascSummaryStatusProgress
PackagesStableBug ReportMediumCritical[torsocks] which: no getcapRequires Testing
90%
Task Description

Current torsocks version is broken.
It returns the following error when attempting to torify application :

which: no getcap
PackagesAnyBug ReportVery LowCritical[system-config-printer] Impossible to print some pdfs (...Assigned
0%
Task Description

Hello,

I’m unable to print some pdfs on my Hyperbola 3.0 system.
Some background :

cups is installed, service enabled and working
system-config-printer is installed and my printer has been correctly added.

I can print most pdfs and text files but recently with a pdf, it fails to print it.* And system-config-printer returned the following error (see capture) :

Printer "EPSON XP-620-Series" requires the '/usr/lib/cups/filters/epson-escpr-wrapper' but it is not currently installed.

Currently, “epson-escpr-wrapper” is installed but it is in :

/usr/libexec/cups/filters/epson-escpr-wrapper

Looking at source code of system-config-printer, it expects that wrapper to be installed in “/usr/lib/” so I tried to symlink that “epson-escpr-wrapper” to “/usr/lib/cups/filters” but it doesn’t work..

*With a Debian system and the exact same configuration, the “problematic” pdf prints just fine so it is not an issue with the pdf.

PackagesStableBug ReportVery LowCritical[smartmontools] update-smart-drivedb fails to updateRequires Testing
100%
Task Description

smartmontools 6.5-1.hyperbola1

Error while trying to update smart-drivedb :

anon@test[~] update-smart-drivedb

External Link/usr/bin/update-smart-drivedb: download from branches/RELEASE_6_5_DRIVEDB failed (curl: exit 23) /usr/bin/update-smart-drivedb: download from trunk failed (curl: exit 23)

PackagesAnySecurity IssueVery LowCritical[opensmtpd] CVE-2020-8794Unconfirmed
0%
Task Description

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

Contents

Summary
Analysis
...
Acknowledgments

Summary

We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This
vulnerability, an out-of-bounds read introduced in December 2015 (commit
80c6a60c, “when peer outputs a multi-line response ...”), is exploitable
remotely and leads to the execution of arbitrary shell commands: either
as root, after May 2018 (commit a8e22235, “switch smtpd to new
grammar”); or as any non-root user, before May 2018.

Because this vulnerability resides in OpenSMTPD’s client-side code
(which delivers mail to remote SMTP servers), we must consider two
different scenarios:

- Client-side exploitation: This vulnerability is remotely exploitable

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

- Server-side exploitation: First, the attacker must connect to the

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

We developed a simple exploit for this vulnerability and successfully
tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the
first vulnerable release), Debian 10 (stable), Debian 11 (testing), and
Fedora 31.

The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”

PackagesStableSecurity IssueVery LowCritical[lts-kernel][sec] filter /dev/mem access & restrict acc...Unconfirmed
0%
Task Description

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

PackagesAnySecurity IssueMediumCritical[libjpeg-turbo] CVE-2019-2201Researching
0%
Task Description

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation

https://security-tracker.debian.org/tracker/CVE-2019-2201

Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388

PackagesStableBug ReportVery LowCritical[gtk-2] Severe problems with GTK2-applicationsUnconfirmed
0%
Task Description

Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.

Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984

Affected are for example LXDE in general, icedove, iceweasel and many more!

PackagesAnySecurity IssueVery HighCritical[grub2] UEFI SecureBoot vulnerability + multiple flaws ...Unconfirmed
0%
Task Description

https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/

https://9to5linux.com/grub2-boot-failure-issues-fixed-in-debian-and-ubuntu-update-now

PackagesAnyReplace RequestDeferCritical[bzr] replace deprecated GNU Bazaar to BrezyDeferred
0%
Task Description

Description:

  • replace deprecated GNU Bazaar to Brezy for Canis Major

Additional info:

Note: It needs a provide: bazaar and brezy

Steps to reproduce:

  • broken package
PackagesAnyPrivacy IssueVery LowCritical[bleachbit] needs to be adapted to UXP applicationsRequires Testing
100%
Task Description

The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.

Software DevelopmentGeneralBug ReportVery HighCritical[Hyperbola GNU/Linux-libre 0.4] Reworking xenocara and ...In Progress
0%
Task Description

Within the concurrent version of xenocara for version 0.4 there is a problem in vesa, generating the error-message "V_BIOS address 0x0 out of range". It is a known old bug that was fixed when D-Bus arrived by default.

This issue is oriented onto to document the steps to test further solutions and rework the x-server.

PackagesTestingBug ReportHighCritical[Hyperbola GNU/Linux-libre 0.4] Problems with sndio fai...Requires Testing
90%
Task Description

There are issues with the current sndio-package as it seems not possible to get this to work with ALSA.

PackagesTestingBug ReportVery LowCritical[Hyperbola GNU/Linux-libre 0.4] Installation issue for ...Unconfirmed
0%
Task Description

Description: Problem with execution of “pacstrap /mnt base base-devel syslinux” from 0.3.1-chroot ISO-image with modified pacman.conf and mirrorlist for testing. There are errors for the packages “libxcrypt” and “man-pages” as both have “/usr/share/man/man3/crypt.3.gz” and “/usr”share/man/man3/crypt_r.3.gz” included.

PackagesTestingBug ReportVery LowCritical[Hyperbola GNU/Linux-libre 0.4] Installation for syslin...Unconfirmed
0%
Task Description

Description: Configuration file “syslinux.cfg” under /boot/syslinux/ has to be adjusted. Problem with kernel-images loaded and the concurrent booting device is per default configured to /dev/sda3. Kernel-images are named as “linux-libre” not “linux-libre-lts”.

Software DevelopmentGeneralBug ReportHighCriticalRunit errors,Unconfirmed
0%
Task Description

/sbin/openrc-run: bad interpreter: No such file or directory

I get this error whenever I try to start dhcpcd with sv /etc/runit/

And for sndiod I get this doing the same guide,

warning: sndiod: unable to open supervise/ok: file does not exist

Although rather ironically, If I type sndiod or dhcpcd into root, it works just fine.

Maybe its an FHS issue or possibly, I am screwing up? I am not sure. Feedback is welcome.

This is what I did:

=⇒ Add a service:

ln -s /etc/sv/<service> /var/service
==> Start/stop/restart a service:
sv <start/stop/restart> <service>

more or less, I used this guide.

Software DevelopmentGeneralImplementation RequestDeferCriticalRISC-V (riscv64) porting + multilib supportDeferred
0%
Task Description

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and RISC-V promises to be a great architecture example for low-power computers, laptops and embedded systems, also as ARM architecture replacement.

Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the RISC-V architecture (riscv64) with multilib support.

NOTE: RISC-V porting is focused only for Hyperbola GNU/Linux-libre .

Software DevelopmentGeneralImplementation RequestVery HighCriticalPOWER (ppc64le) portingDeferred
0%
Task Description

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and the Power9-based Talos II promises to be a great architecture example for workstations and servers environments where Hyperbola is focused since is a fully free long-term support distribution.

Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the POWER architecture (power64le).

NOTE: POWER porting is focused only for Hyperbola GNU/Linux-libre .

Software DevelopmentHyperBKImplementation RequestVery HighCriticalDevelop a BSD descendant kernel for HyperbolaBSDIn Progress
30%
Task Description

Develop HyperBK (Hyper Berkeley Kernel), a BSD descendant kernel with GPL-compatible licenses preserved, non-compatible ones removed, and new code written under GPL-3 for HyperbolaBSD.

TODO:

  • Download OpenBSD kernel source code from OpenBSD siteDONE
  • Download LibertyBSD scripts to deblob and rebrand kernel from their scripts. → DONE
  • Push source to HyperBK’s project. → DONE
  • Rebrand OpenBSD kernel to HyperbolaBSD with LibertyBSD scripts. → DONE
  • Rebrand entire code (functions, variable, pointers, etc) under HyperbolaBSD → DONE
  • Remove files under non GPL-compatible licenses → DONE
  • Import code from another BSD systems under GPL-compatible licenses → IN PROGRESS
  • Write new code under GPL-3 → IN PROGRESS
  • Package HyperBK for HyperbolaBSD.

PATCHING NOTE

When the check concerns kernel, we obviously want to match with HyperbolaBSD.

Example of triplet check:	hyperbolabsd)
Example of uname -s check:	HyperbolaBSD)
Example of uname -r check:	0.1)
Example of C macro check:	defined(__HyperbolaBSD__)
Software DevelopmentGeneralImplementation RequestVery HighCriticalARM (aarch and armv7h) portingDeferred
0%
Task Description

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and ARM A7/A53 promises to be a great architecture example for low-power computers, laptops and embedded systems.

NOTE: ARM porting is focused only for HyperbolaBSD .

Showing tasks 501 - 519 of 519 Page 11 of 11<<First - 7 - 8 - 9 - 10 - 11

Available keyboard shortcuts

Tasklist

Task Details

Task Editing