|
Packages | Any | Security Issue | Very High | Critical | [w3m] unmaintained and unsupportable | Closed | |
Task Description
w3m is an unmaintained and unsuportable software, the latest release was 0.5.3 (2011)[0][1][2][3]
$ pacman -Qi w3m Name : w3m Version : 0.5.3.git20170102-2 Description : Text-based Web browser, as well as pager Architecture : x86_64 URL : http://w3m.sourceforge.net/ Licenses : custom Groups : None Provides : None Depends On : openssl gc ncurses gpm Optional Deps : imlib2: for graphics support [installed] Required By : None Optional For : None Conflicts With : None Replaces : None Installed Size : 1784.00 KiB Packager : Jan de Groot jgc@archlinux.org Build Date : Sat 04 Mar 2017 07:12:38 PM -03 Install Date : Tue 12 Sep 2017 03:43:25 AM -03 Install Reason : Explicitly installed Install Script : No Validated By : Signature
[0]:https://sourceforge.net/projects/w3m/files/w3m/ [1]:https://security.archlinux.org/package/w3m [2]:https://tracker.debian.org/pkg/w3m [3]:https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/w3m
|
|
Packages | Any | Security Issue | Very High | Critical | [pam] pam_unix2 is orphaned and dead upstream | Closed | |
Task Description
pam_unix2 was removed from Debian Jessie because it’s buggy and unmaintained [0]
It’s included inside pam package and should be removed since it doesn’t comes from official source. Also the original upstream FTP directory (ftp://ftp.suse.com/people/kukuk/pam/pam_unix2) has disappeared.
[0]:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628848
$ pacman -Si pam Repository : core Name : pam Version : 1.3.0-1 Description : PAM (Pluggable Authentication Modules) library Architecture : x86_64 URL : http://linux-pam.org Licenses : GPL2 Groups : None Provides : None Depends On : glibc cracklib libtirpc pambase Optional Deps : None Conflicts With : None Replaces : None Download Size : 609.71 KiB Installed Size : 2980.00 KiB Packager : Tobias Powalowski tpowa@archlinux.org Build Date : Thu 09 Jun 2016 02:44:03 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql pam > pam_fileslist.txt
|
|
Packages | Any | Security Issue | Very High | Critical | [openrc] use procps-ng's "sysctl" by default instead of ... | Closed | |
Task Description
Description:
Use procps-ng's "sysctl" by default instead of inetutils's "hostname" for
hostname support.
Since [inetutils] is an extra dependency for openrc, it
contains insecure commands like: ftp/rcp/rlogin/rsh/talk/telnet
For security reasons, procps-ng should be the tool to handle hostname
configuration through hostname init script because is a base package.
Additional info:
openrc 0.28-14
/etc/init.d/hostname
- hostname "$h"
+ case $(uname -s) in
+ GNU/Linux|Linux)
+ sysctl -qw kernel.hostname="$h"
+ ;;
+ *)
+ hostname "$h"
+ ;;
+ esac
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-14
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 196.71 KiB
Installed Size : 1767.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Mon 07 May 2018 03:54:42 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
Set and run hostname init script
|
|
Packages | Any | Security Issue | Very High | Critical | [openrc] remove dangerous "local" init script | Closed | |
Task Description
Description:
“https://wiki.gentoo.org/wiki//etc/local.d”
Additional info:
remove:
“/etc/init.d/local”
“/etc/local.d/README”
“/etc/local.d/”
/etc/init.d/agetty
----
- after local
+ after *
$ pacman -Si openrc
Repository : core
Name : openrc
Version : 0.28-17
Description : A dependency based init system that works with the system provided init program
Architecture : x86_64
URL : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses : BSD2
Groups : None
Provides : None
Depends On : psmisc pam
Optional Deps : netifrc: network interface management scripts
networkmanager: network connection manager and user applications
Conflicts With : None
Replaces : None
Download Size : 194.10 KiB
Installed Size : 1727.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Thu 05 Jul 2018 01:37:37 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Packages | Any | Security Issue | Very High | Critical | [schroedinger] unmaintained and unsupportable | Closed | |
Task Description
Description:
Remove Schrödinger in Hyperbola because it’s unmaintained and unsupportable. [0] [1]
Additional info:
$ pacman -Si schroedinger
Repository : extra
Name : schroedinger
Version : 1.0.11-3
Description : An implemenation of the Dirac video codec in ANSI C code
Architecture : x86_64
URL : https://launchpad.net/schroedinger
Licenses : GPL2 LGPL2.1 MPL MIT
Groups : None
Provides : None
Depends On : orc gcc-libs
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 331.64 KiB
Installed Size : 1676.00 KiB
Packager : Evangelos Foutras <evangelos@foutrelis.com>
Build Date : Sat 05 Dec 2015 12:28:01 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Packages | Any | Update Request | Very High | High | [babl] update package to v0.1.50 | Closed | |
Task Description
Description:
update package to v0.1.50 version
Note: Update [gegl] or Backport [gegl] and [gimp]
https://issues.hyperbola.info/index.php?do=details&task_id=1052
https://issues.hyperbola.info/index.php?do=details&task_id=1053
https://issues.hyperbola.info/index.php?do=details&task_id=1054
Additional info:
babl 0.1.38-1.hyperbola1
$ pacman -Si babl
Repository : extra
Name : babl
Version : 0.1.38-1.hyperbola1
Description : Dynamic, any to any, pixel format conversion library
Architecture : x86_64
URL : http://gegl.org/babl/
Licenses : LGPL3
Groups : None
Provides : None
Depends On : glibc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 237.72 KiB
Installed Size : 734.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Sun 31 Dec 2017 05:31:32 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Packages | Any | Update Request | Very High | High | [gegl] update package to 0.3.34 | Closed | |
Task Description
Description:
Update package to 0.3.34 version
Note: Update package to 0.3.34 version
or update package to 0.4.2 backport and GIMP 2.10.2 backport
Update [babl] package
https://issues.hyperbola.info/index.php?do=details&task_id=1051
https://issues.hyperbola.info/index.php?do=details&task_id=1053
https://issues.hyperbola.info/index.php?do=details&task_id=1054
Additional info:
gegl 0.3.26-2.hyperbola1
$ pacman -Si gegl
Repository : extra
Name : gegl
Version : 0.3.26-2.hyperbola1
Description : Graph based image processing framework
Architecture : x86_64
URL : http://www.gegl.org/
Licenses : GPL3 LGPL3
Groups : None
Provides : None
Depends On : babl libspiro json-glib
Optional Deps : libraw: raw plugin
openexr: openexr plugin
ffmpeg: ffmpeg plugin
suitesparse: matting-levin plugin
librsvg: svg plugin
jasper: jasper plugin
libtiff: tiff plugin
lua: lua plugin
lensfun: lens-correct plugin
Conflicts With : gegl02
Replaces : gegl02
Download Size : 1347.15 KiB
Installed Size : 6823.00 KiB
Packager : André Silva <emulatorman@hyperbola.info>
Build Date : Sun 31 Dec 2017 05:37:41 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
none
|
|
Packages | Any | Update Request | Very High | High | [krita] update to 3.1.4 version | Closed | |
Task Description
Description:
Update to 3.1.4 version
Additional info:
krita 3.1.3
$ pacman -Qi krita
Name : krita
Version : 3.1.3-1
Description : Edit and paint images
Architecture : x86_64
URL : http://krita.org
Licenses : LGPL
Groups : None
Provides : None
Depends On : kio kitemmodels gsl libraw exiv2 openexr fftw curl boost-libs hicolor-icon-theme
Optional Deps : poppler-qt5: PDF filter [installed]
ffmpeg: to save animations [installed]
opencolorio: for the LUT docker [installed]
Required By : None
Optional For : None
Conflicts With : calligra-krita krita-l10n
Replaces : calligra-krita krita-l10n
Installed Size : 112.43 MiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Fri 28 Apr 2017 07:57:59 AM -03
Install Date : Tue 12 Sep 2017 03:28:32 AM -03
Install Reason : Explicitly installed
Install Script : No
Validated By : Signature
Steps to reproduce: contains some bugs
|
|
Packages | Any | Bug Report | Low | Medium | [cryptsetup] when dmcrypt start, the "/" filesystem, m... | Assigned | |
Task Description
When dmcrypt service start, the “/” filesystem is remounted, mtab is updated and bootmisc is recording the login users, by waiting time scheduling:
* root: waiting for dmcrypt (50 seconds)
* root: timed out waiting for dmcrypt
* Remounting root filesystem read/write ...
* Remounting filesystems ...
* mtab: waiting for dmcrypt (50 seconds)
* mtab: timed out waiting for dmcrypt
* Updating /etc/mtab ...
* Creating mtab symbolic link
* bootmisc: waiting to dmcrypt (50 seconds)
* bootmisc: timed out waiting for dmcrypt
* Creating user login records ...
These features on dmcrypt service are useless and these lines print above filesystem passphrase order (the printed line), those ones break printed console and print the pressed keyboard digit when I’m setting up password. Sometimes this breaks services startup, and I need press “enter” consecutively to allow run the services.
|
|
Software Development | HyperTools | Implementation Request | Low | Low | [hypertools] create libretools replacement for Hyperbol... | Deferred | |
Task Description
Create hypertools to replace libretools package for HyperbolaBSD and GNU/Linux
It’s long period to develop this package. For now, a systemd-nspawn wrapper is being developed for “libretools”[0]
[0]:https://issues.hyperbola.info/index.php?do=details&task_id=86
|