All Projects

ProjectCategoryTask Type  descPrioritySeveritySummaryStatusProgress
PackagesStableUpdate RequestHighHigh[qt5] upgrade Qt project to the 5.6 LTS version, requir...Deferred
0%
Task Description

Cannot mix incompatible Qt library (version 0×50800) with this library (version 0×50904)
Aborted

./Nextcloud-2.3.3-x86_64.AppImage: /usr/lib/libQt5Core.so.5: version `Qt_5.9’ not found (required by /tmp/.mount_NextclpprMnG/usr/bin/../lib/libqt5keychain.so.1

These two packages are directly affected by an older qt5...

Could you update all the qt packages to the LTS version available?

PackagesAnyUpdate RequestMediumHighMake Knock patch for Linux-libre 4.14 LTSUnconfirmed
0%
Task Description

The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x

However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x

This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.

Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases

PackagesAnyUpdate RequestMediumMedium[cups] update requestAssigned
0%
Task Description

New versión v2.2.7

References:

PackagesAnyUpdate RequestVery LowHighufw update/ufw bugUnconfirmed
0%
Task Description

There appears to be a bug with the current version of ufw, 0.35-2

Dunno if updating it would fix it, but it is kind of annoying and possibly security issue.

it says ufw is inactive when I reboot despite it being installed in the runlevel.

PackagesAnyUpdate RequestVery LowHigh[proj]: please update to latest versionUnconfirmed
0%
Task Description

Description:

https://proj4.org/index.html

This package have valuable geodetic applications, and I intend to present Hyperbola GNU/Linux-libre soon in universities and schools in East Africa.

The coordinate system there is not WGS84 and this package only in new version is providing the conversion from East African geographic coordinates to WGS84, and will be very usable in many industrial and private applications.

PackagesStableUpdate RequestVery LowMedium[xfe] update package to 1.43.1Researching
0%
Task Description

In the latest version fixes several minor bugs and search file function issue[1].

[1]: http://roland65.free.fr/xfe/ (see 1.43 and 1.43.1 in the news section)

PackagesStableUpdate RequestVery LowMedium[grafx2] update package to 2.6Unconfirmed
0%
Task Description

In the latest version was released on 11th of January 2019, with several new features, improvements and fixes[1].

[1]: http://grafx2.chez.com/index.php?article9/2010s (see version 2.6 for more details in update log)

PackagesStableUpdate RequestVery LowMedium[cantarell-fonts] update package version to 0.111Unconfirmed
0%
Task Description

Prior version 0.0.25 and below are outdated.

Since version 0.100 and later, there are some changes being redesigned from scratch, added three new weights (including extra bold, light and thin) but not italic or oblique styles, AppStream metadata translations from contributors, and more.

See the version history releases for more details: https://gitlab.gnome.org/GNOME/cantarell-fonts/raw/master/NEWS

PackagesAnyUpdate RequestVery LowHigh[supertuxkart] update package version to 1.0Unconfirmed
0%
Task Description

In version 0.9.3 and 1.0, there are several added and changed (new or existing) features and functions, and fixed bug, crash and other issues.

But the critical part is contains non-libre/free Ubuntu font files over licensing issue, according to the issue: https://github.com/supertuxkart/stk-code/issues/2570

See those two sections in the version history releases for more details: https://github.com/supertuxkart/stk-code/blob/master/CHANGELOG.md

PackagesAnySecurity IssueVery HighCritical[openssh] CVE-2018-15919Researching
0%
Task Description

Remotely observable behavior in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration (or “oracle”) as a vulnerability.’ https://security-tracker.debian.org/tracker/CVE-2018-15919

PackagesAnySecurity IssueHighCritical[octopi] uploads system logs to ptpb.pw without confirm...In Progress
30%
Task Description

Octopi 0.9.0 is uploading system logs to ptpb.pw without confirmation through :

Tools
→ SysInfo → ptpb.pw

I think it should be either disabled or add at least a patch to ask for a confirmation.
An other way could be to patch this :

src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255:  QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- https://ptpb.pw/?u=1", tempFile->fileName());
256:  return ptpb;

to :

src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255:  QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- **https://ptpb.pw/", tempFile->fileName());
256:  return ptpb;

This way, you can at least ask for log deletion with the help of log uuid as explained here : https://ptpb.pw/#id10

PackagesAnySecurity IssueMediumMedium[cinepaint] unmaintained and unsupportableIn Progress
50%
Task Description

Remove “cinepaint” package since it’s unmaintained and unsupportable. Also, it doesn’t contains any file format support in the latest version (previous version supported multiple file formats).

I suggest use Krita (or Gimp 2.10) to edit 16bit and 32bit file formats or convert with imagemagick/graphicsmagick.

$ pacman -Si cinepaint
Repository      : community
Name            : cinepaint
Version         : 1:1.0.4-5
Description     : Sophisticated graphics manipulation programm supporting > 8bit pictures
Architecture    : x86_64
URL             : http://www.cinepaint.org
Licenses        : LGPL  GPL  MIT
Groups          : None
Provides        : None
Depends On      : gtk2  openexr  lcms  libxpm  fltk  ftgl  libxxf86vm
Optional Deps   : python2: for python plug-ins
                  gutenprint: for print plug-ins
                  ghostscript: for pdf plug-ins
Conflicts With  : None
Replaces        : None
Download Size   : 3.75 MiB
Installed Size  : 13.91 MiB
Packager        : Christian Hesse <arch@eworm.de>
Build Date      : Thu 28 Apr 2016 05:17:05 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnySecurity IssueVery LowCritical[octopi] requires suUnconfirmed
0%
Task Description

would it be possible to make it use sudo instead?

From what I know, sudo is safer. Let me know if you agree this is a problem.

PackagesAnySecurity IssueVery LowMedium[patch] CVE-2018-6951 - NULL pointer DoSUnconfirmed
0%
Task Description

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a “mangled rename” issue.

https://security-tracker.debian.org/tracker/CVE-2018-6951

PackagesAnySecurity IssueVery LowMedium[qemu] Multiple CVEUnconfirmed
0%
Task Description

CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug
https://www.openwall.com/lists/oss-security/2018/12/13/4

CVE-2018-16872 Qemu: usb-mtp: path traversal by host filesystem
manipulation in Media Transfer Protocol (MTP)
https://www.openwall.com/lists/oss-security/2018/12/13/11

Patches included at above URLs.

PackagesAnyReplace RequestLowLow[appmenu-qt4] replace with appmenu-qt (qt5)Deferred
0%
Task Description

“appmenu-qt4”[0][2] is a deprecated package (release in 2012)[1] and use qt4 unsupported/non-lts software[3], but “appmenu-qt5” not contains any release source code[2]

$ pacman -Si appmenu-qt4
Repository : community
Name : appmenu-qt4
Version : 0.2.6-1
Description : Export Qt4 applications menus over D-Bus
Architecture : x86_64
URL : https://launchpad.net/appmenu-qt Licenses : GPL Groups : None
Provides : None
Depends On : libdbusmenu-qt4
Optional Deps : None
Conflicts With : appmenu-qt
Replaces : appmenu-qt
Download Size : 16.55 KiB
Installed Size : 48.00 KiB
Packager : Antonio Rojas arojas@archlinux.org Build Date : Tue 28 Feb 2017 05:59:31 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://launchpad.net/appmenu-qt (qt4)
[1]:https://launchpad.net/appmenu-qt/+download [2]:https://launchpad.net/appmenu-qt5 [3]:https://en.wikipedia.org/wiki/Qt_5.6_LTS

PackagesStableReplace RequestVery LowMediumPackage ossp has got systemd dependenciesUnconfirmed
0%
Task Description

Description: Concurrent package ossp in version 1.3.2-15 has got dependencies to systemd, which is contradicting the whole distribution and the used INIT-system. Therefore my request to port this to OpenRC!

Additional info:
* package version(s) 1.3.2-15

PackagesAnyReplace RequestDeferCritical[bzr] replace deprecated GNU Bazaar to BrezyDeferred
0%
Task Description

Description:

  • replace deprecated GNU Bazaar to Brezy for Canis Major

Additional info:

Note: It needs a provide: bazaar and brezy

Steps to reproduce:

  • broken package
PackagesAnyReplace RequestDeferCritical[python2] replace deprecated Python 2 to TauthonDeferred
0%
Task Description

Description:

  • replace deprecated Python 2 to Tauthon for Canis Major

Additional info:

Steps to reproduce:

  • Broken python2 packages.
PackagesAnyPrivacy IssueVery LowMedium[avahi] avahi publishes the hostname by defaultUnconfirmed
0%
Task Description

By default, the ‘disable-publishing’ parameter in the [publish] section of avahi-daemon.conf is set to ‘no’, which can be seen in my opinion as a privacy issue as avahi broadcasts the hostname without the user’s consent even though this has been explicitly disabled in the settings of networkmanager.

PackagesAnyPrivacy IssueVery LowLow[purple-plugin-pack] Provides Napster support which is ...Unconfirmed
0%
Task Description

purple-plugin-pack provides access to Napster which is only useful with a single company and sever (as far as I could tell).

PackagesAnyPrivacy IssueVery LowLow[github] check github-related packagesResearching
0%
Task Description

We should check if the following packages run any non-free JS (like youtube-dl) or access a proprietary API:

- hub
- python-pygithub
- python2-pygithub

I haven’t check them, but they look fishy. Take it as a reminder, this is far from being urgent IMO.

Software DevelopmentHyperBKImplementation RequestVery HighCriticalDevelop HyperBK based on OpenBSD kernel + LibertyBSD sc...Deferred
0%
Task Description

Develop HyperBK (Hyper Berkeley Kernel) based on OpenBSD‘s kernel LibertyBSD‘s scripts to deblob and rebrand kernel for HyperbolaBSD.

TODO:

  • Download LibertyBSD scripts to deblob and rebrand kernel from their scripts.
  • Push source to HyperBK’s project.
  • Rebrand OpenBSD kernel to HyperBK with LibertyBSD scripts.
  • Package HyperBK for HyperbolaBSD.

PATCHING NOTE

When the check concerns kernel, we obviously want to match with HyperBK.

Example of triplet check:	hyperbolabsd)
Example of uname -s check:	HyperbolaBSD)
Example of uname -r check:	1.0)
Example of C macro check:	defined(__HyperbolaBSD__)
PackagesAnyImplementation RequestVery HighHigh[murmur-headless] add a Murmur package capable of worki...In Progress
0%
Task Description

Description:

  • Add new a Murmur package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

  • based on murmur 1.2.19-5

Steps to reproduce:

  • none
PackagesAnyImplementation RequestVery HighHigh[asterisk-headless] add an Asterisk package capable of ...In Progress
0%
Task Description

Description:

  • Add an Asterisk package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

  • based on asterisk 14.4.0-1

Steps to reproduce:

  • none
PackagesAnyImplementation RequestVery HighMedium[coturn] add new packageUnconfirmed
0%
Task Description

Description:

  • add new package

Additional info:

Steps to reproduce:

  • none
PackagesAnyImplementation RequestVery HighMedium[mediagoblin] add GNU MediaGoblin packageUnconfirmed
0%
Task Description

Description:

  • add GNU MediaGoblin package

Additional info:

  • none

Steps to reproduce:

  • none
Software DevelopmentGeneralImplementation RequestVery HighCriticalPOWER (ppc64le) portingDeferred
0%
Task Description

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and the Power9-based Talos II promises to be a great architecture example for workstations and servers environments where Hyperbola is focused since is a fully free long-term support distribution.

Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the POWER architecture (power64le).

NOTE: POWER porting is focused only for Hyperbola GNU/Linux-libre .

Software DevelopmentGeneralImplementation RequestVery HighCriticalARM (aarch and armv7h) portingDeferred
0%
Task Description

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and ARM A7/A53 promises to be a great architecture example for low-power computers, laptops and embedded systems.

NOTE: ARM porting is focused only for HyperbolaBSD .

PackagesAnyImplementation RequestMediumMedium[uzem][uzebox] add uzem emulator and uzebox firmware pa...Assigned
0%
Task Description

Add “uzem” emulator and “uzebox” firmware packages[0][1].

It’s a emulator and firmware for fully free 8bit game console.

[0]:http://belogic.com/uzebox/index.asp (no https found)
[1]:https://github.com/Uzebox/uzebox

PackagesAnyImplementation RequestMediumMedium[ncdu] add new packageDeferred
0%
Task Description

PKGBUILD

# $Id: PKGBUILD 187611 2016-08-26 15:44:01Z bisson $
# Contributor: lp76 <l.peduto@gmail.com>
# Contributor: Daenyth <Daenyth+Arch AT gmail DOT com>
# Maintainer: Gaetan Bisson <bisson@archlinux.org>

pkgname=ncdu
pkgver=1.12
pkgrel=1.hyperbola1
pkgdesc='Disk usage analyzer with an ncurses interface'
url='https://dev.yorhel.nl/ncdu'
license=('custom:MIT')
depends=('ncurses')
arch=('i686' 'x86_64')
validpgpkeys=('74460D32B80810EBA9AFA2E962394C698C2739FA')
source=("https://dev.yorhel.nl/download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('20620dd79d2af878442769e097f13806f64f23875dcb85ebccd573a3de43aba5663d496049b64015d13f9a79d624298032c008ef61dfb6f61d8b12902b8dca12'
            'SKIP')

build() {
    cd "${srcdir}/${pkgname}-${pkgver}"
    ./configure --prefix=/usr
    make
}

package() {
    cd "${srcdir}/${pkgname}-${pkgver}"
    make DESTDIR="${pkgdir}" install
    install -Dm644 COPYING "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}
PackagesAnyImplementation RequestMediumMedium[searx] add new packageDeferred
0%
Task Description

Hi André, you could make an init for the searx search engine, it happens that
I want to launch it from local to avoid being in searx.me or
searx.riseup.net.

I have seen that there is a PKGBUILD in AUR [0]. I think it is necessary to make one with the init Openrc

[0]: https://aur.archlinux.org/packages/searx-py3/

ServicesFlyspray BrandingImplementation RequestMediumMediumAdd Hyperbola branding to HyperTaskIn Progress
40%
Task Description

Add Hyperbola branding to HyperTask such as HyperWiki and HyperForum for prolixity reasons.

ServicesHyperWiki/DokuWikiImplementation RequestMediumMediumLibreboot hardening grub guideUnconfirmed
0%
Task Description

I don’t know if this is the best place for this, but I get stuck on the hardening the grub guide from libreboot,

https://libreboot.org/docs/gnulinux/grub_hardening.html

I wondered if there is anything different that needs to be done to get this part done:

gpg –homedir keys –detach-sign my.initramfs
gpg –homedir keys –detach-sign my.kernel
gpg –homedir keys –detach-sign libreboot_grub.cfg
gpg –homedir keys –detach-sign my.grubtest.cfg

it gives me a bunch of weird errors

PackagesAnyImplementation RequestMediumLowScid vs. PC – PGN Reader/ChessBaseUnconfirmed
0%
Task Description

http://scidvspc.sourceforge.net/

PackagesAnyImplementation RequestMediumLowStockfish Chess EngineUnconfirmed
0%
Task Description

«Unlike most chess engines, Stockfish is open source (GPL license). That means you can read the code, modify it, contribute back, and even use it in your own projects.» I do not know if it is libre. If it is, together with Scid, Hyperbola is one step closer for every chess lover out there who also loves freedom!
https://stockfishchess.org/

PackagesTestingImplementation RequestMediumMediumlinux-libre-lts-hypersec: New package with extra securi...Deferred
0%
Task Description

Description: Per a user request and to better secure the kernel, we can embed the cryptsetup and ciphers in the kernel. This would mean rather than exposed modules, they are built-in to the kernel and ready to use even without an intramfs.

To be embedded: ciphers aes, twofish, serpent; sha256, sha512 - and the necessary modules (don’t forget the block modes xts, lvm and cryptsetup ...)

Additionally, we could include USB Guard and any other features that meet our social contract and security outlook.

Software DevelopmentHyperToolsImplementation RequestLowLow[hypertools] create libretools replacementDeferred
0%
Task Description

Create hypertools to replace libretools package

It’s long period to develop this package.
For now, a systemd-nspawn wrapper is being developed for “libretools”[0]

[0]:https://issues.hyperbola.info/index.php?do=details&task_id=86

PackagesAnyImplementation RequestLowLow[nut] add Network UPS Tools 2.7.x packageAssigned
0%
Task Description

Add “nut” package.

Useful for uninterruptible power supplies, power distribution units, solar controllers and servers power supply units.

PackagesTestingImplementation RequestLowMedium[spacefm] add new packageIn Progress
0%
Task Description

Add SpaceFM File Manager for Hyperbola

Aur Package: spacefm Debian Package: spacefm

PackagesAnyImplementation RequestLowLow[codecrypt] add new packageUnconfirmed
0%
Task Description

This is a GnuPG-like unix program for encryption and signing that uses only quantum-computer-resistant algorithms:

  McEliece cryptosystem (compact QC-MDPC variant) for encryption
  Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures

Codecrypt is free software. The code is licensed under terms of LGPL3 in a good hope that it will make combinations with other tools easier.

PackagesAnyImplementation RequestLowLow[i2p] add new packageUnconfirmed
0%
Task Description

Description:

  • add new package

Additional info:

  • none

Steps to reproduce:

  • none
PackagesAnyImplementation RequestVery LowLow[3proxy] add package since it's useful for tor on ftp p...Deferred
0%
Task Description

Add “3proxy”[0] package

Useful for tor on ftp proxy[1]

[0]:https://github.com/z3APA3A/3proxy [1]:https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/FTP

PackagesAnyImplementation RequestVery LowLow[plymouth] add packageDeferred
0%
Task Description

Plymouth is an application that runs very early in the boot process (even before the root filesystem is mounted!) that provides a graphical boot animation while the boot process happens in the background.

Please implement plymouth as an optional package.

PackagesTestingImplementation RequestVery LowMedium[yaics] add packageDeferred
0%
Task Description

Yaics is a simple GNU social client written in C++ and Qt and licensed under the GNU GPL 3.0 (or later).

Please implement yaics as an optional package.

https://stigatle.no/yaics/

https://gitlab.com/stigatle/yaics

PackagesTestingImplementation RequestVery LowLow[sirikata] add packageDeferred
0%
Task Description

Sirikata a platform for virtual worlds.

Sirikata is a platform for virtual worlds. We provide a set of libraries and protocols which can be used to deploy a virtual world, as well as fully featured sample implementations of services for hosting and deploying these worlds.

Please implement sirikata as an optional package.

PackagesAnyImplementation RequestVery LowLow[multipath-tools] add packageDeferred
0%
Task Description

Hello,

Could it be possible to add this package :

multipath-tools

“Multipath tools for Linux (including kpartx)”

License : GPL2

to the repo ?

Thank you

PackagesAnyImplementation RequestVery LowLow[thinkfan] add packageDeferred
0%
Task Description

Could it be possible to add this package :

thinkfan

“A minimalist fan control program. Supports the sysfs hwmon interface and thinkpad_acpi”

License : GPL

to the repo ?

Thanks

PackagesAnyImplementation RequestVery LowLow[mednaffe] add packageUnconfirmed
0%
Task Description

Could it be possible to add :

mednaffe

“front-end (GUI) for mednafen emulator”

https://www.parabola.nu/packages/pcr/x86_64/mednaffe/ https://github.com/AmatCoder/mednaffe

License : GPL2

Thanks

PackagesAnyImplementation RequestVery LowLow[fsearch] add packageUnconfirmed
0%
Task Description

Could it be possible to add :

fsearch

https://github.com/cboxdoerfer/fsearch

License : GPL

Showing tasks 1 - 50 of 454 Page 1 of 101 - 2 - 3 - 4 - 5 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing