All Projects

ProjectCategoryTask TypePrioritySeveritySummary  descStatusProgress
PackagesTestingImplementation RequestMediumMediumlinux-libre-lts-hypersec: New package with extra securi...Deferred
0%
Task Description

Description: Per a user request and to better secure the kernel, we can embed the cryptsetup and ciphers in the kernel. This would mean rather than exposed modules, they are built-in to the kernel and ready to use even without an intramfs.

To be embedded: ciphers aes, twofish, serpent; sha256, sha512 - and the necessary modules (don’t forget the block modes xts, lvm and cryptsetup ...)

Additionally, we could include USB Guard and any other features that meet our social contract and security outlook.

PackagesAnyBug ReportMediumLow firejail: mpv.profile fails to work  Closed
100%
Task Description

Users trying to use firejail against mpv experience errors such as:

[ytdl_hook] AVideo failed, trying to play URL directly ...
[ffmpeg] tls: The TLS connection was non-properly terminated.
Failed to recognize file format.

The error is caused by not having avideo whitelisted in firejail.

PackagesAnyFreedom IssueMediumLow[zynaddsubfx] vague terminology "Open Source" in descri...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

community/zynaddsubfx 3.0.1-1
    Opensource software synthesizer capable of making a countless number of instruments.

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free software synthesizer capable of making a countless number of instruments.
PackagesAnyFeature RequestHighHigh [zlib] adapt package in accordance with the Hyperbola P ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [zathura-pdf-mupdf] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si zathura-pdf-mupdf
Repository      : community
Name            : zathura-pdf-mupdf
Version         : 0.3.1-3
Description     : PDF support for Zathura (MuPDF backend)
Architecture    : x86_64
URL             : https://pwmt.org/projects/zathura-pdf-mupdf/
Licenses        : zlib
Groups          : None
Provides        : None
Depends On      : zathura  jbig2dec  openjpeg2  cairo  desktop-file-utils  openssl
Optional Deps   : None
Conflicts With  : zathura-pdf-poppler
Replaces        : None
Download Size   : 18.27 MiB
Installed Size  : 33.50 MiB
Packager        : Johannes Löthberg <johannes@kyriasis.com>
Build Date      : Wed 03 May 2017 04:57:27 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [your-freedom] adapt package in accordance with the Hyp ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [yara] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si yara
Repository      : community
Name            : yara
Version         : 3.5.0-3
Description     : Tool aimed at helping malware researchers to identify and classify malware samples
Architecture    : x86_64
URL             : https://github.com/VirusTotal/yara
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : openssl  file
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 218.21 KiB
Installed Size  : 1103.00 KiB
Packager        : Levente Polyak <anthraxx@archlinux.org>
Build Date      : Sun 05 Mar 2017 08:00:00 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [xz] adapt package in accordance with the Hyperbola Pac ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFreedom IssueMediumLow[xwax] vague terminology "Open Source" and "Linux" in d...Deferred
0%
Task Description

This package contains vague terminology “Open Source” and “Linux”:

community/xwax 1.6-1
    Open-source vinyl emulation software for Linux.

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source” and “Linux” as operating system, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

https://www.gnu.org/philosophy/words-to-avoid.html#Linux

It would be good example to set to have proper description of packages without using “Open Source” and “Linux” as operating system.

eg.

Free-software vinyl emulation software for GNU/Linux.
PackagesAnyFreedom IssueMediumLow[xvidcore] vague terminology "Open Source" in descripti...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

extra/xvidcore 1.3.4-1 [installed]
    XviD is an open source MPEG-4 video codec

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

XviD is a free software MPEG-4 video codec
PackagesAnyFeature RequestHighHigh [xtensa-unknown-elf-gcc] adapt package in accordance wi ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [xtensa-unknown-elf-binutils] adapt package in accordan ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFreedom IssueMediumLow[xsd] vague terminology "Open Source" in description of...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

extra/xsd 4.0.0-2
    An open-source, cross-platform W3C XML Schema to C++ data binding compiler

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

A free-software, cross-platform W3C XML Schema to C++ data binding compiler
PackagesAnyFeature RequestHighHigh [xmlto] adapt package in accordance with the Hyperbola  ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [xmlsec] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si xmlsec
Repository      : extra
Name            : xmlsec
Version         : 1.2.24-1
Description     : XML Security Library is a C library based on LibXML2
Architecture    : x86_64
URL             : https://www.aleksey.com/xmlsec/index.html
Licenses        : custom
Groups          : None
Provides        : None
Depends On      : libxslt  openssl  gnutls  nss  libltdl
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 680.27 KiB
Installed Size  : 5034.00 KiB
Packager        : Andreas Radke <andyrtr@archlinux.org>
Build Date      : Sun 30 Apr 2017 01:52:30 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [xinetd] adapt package in accordance with the Hyperbola ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [xfsprogs] adapt package in accordance with the Hyperbo ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesTestingBug ReportMediumLow [xf86-video-intel] context menu not being highlighted i ...Closed
100%
Task Description

Description:
Context menu not being highlighted in UXP applications such as Iceweasel-UXP. This issue is generated in machines with i915 graphic cards using the Intel graphics driver .

Additional info:
* package version(s): 52.9.0_20180601-7

Steps to reproduce:

  • Install Iceweasel-UXP:
    # pacman -S iceweasel-uxp
  • Run Iceweasel-UXP:
    ~ iceweasel-uxp
  • Open new tabs with right click to use context menu.
PackagesAnySecurity IssueVery HighCritical [xen] multiple security issues: CVE-2018-10472, CVE-201 ...Closed
100%
Task Description

http://openwall.com/lists/oss-security/2018/04/30/1 http://openwall.com/lists/oss-security/2018/04/30/1 An attacker supplying a crafted CDROM image can read any file (or
device node) on the dom0 filesystem with the permissions of the qemu
devicemodel process. (The virtual CDROM device is read-only, so
no data can be written.)

http://openwall.com/lists/oss-security/2018/04/30/2 A malicious or buggy guest may cause a hypervisor crash, resulting in
a Denial of Service (DoS) affecting the entire host.

http://openwall.com/lists/oss-security/2018/05/11/1 A malicious unprivileged device model can cause a Denial of Service
(DoS) affecting the entire host. Specifically, it may prevent use of a
physical CPU for an indeterminate period of time.

http://openwall.com/lists/oss-security/2018/05/11/2

[critical]
A malicious or buggy HVM guest may cause a hypervisor crash, resulting
in a Denial of Service (DoS) affecting the entire host. Privilege
escalation, or information leaks, cannot be excluded.

Patches provided by upstream.

PackagesAnyBug ReportLowLow [xdg-utils] doesn't work with -uxp applications and has ...Closed
100%
Task Description

As per the source code, xdg-utils is meant to work with firefox, google-chrome, and other browsers. It is missing support for -uxp applications.

PackagesAnyFreedom IssueMediumLow[xapian-core] vague terminology "Open Source" in descri...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

extra/xapian-core 1:1.4.2-1
    Open source search engine library.

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free software search engine library.
PackagesAnyFreedom IssueMediumLow[x265] vague terminology "Open Source" in description o...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

extra/x265 2.4-1
    Open Source H265/HEVC video encoder

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free Software H265/HEVC video encoder
PackagesAnyBug ReportLowLow [x11vnc] service contains error: "Service 'x11vnc' need ...Closed
100%
Task Description

x11vnc service has been imported from Gentoo, however it forces use xdm service when it should be optional since there are users don’t like use xdm to run DMs. Also, Hyperbola contains another services alternatives such as gdm, lightdm, lxdm, sddm and slim to run directly without xdm.

PackagesAnyFeature RequestHighHigh [x11vnc] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si x11vnc
Repository      : extra
Name            : x11vnc
Version         : 1:0.9.14-2
Description     : VNC server for real X displays
Architecture    : x86_64
URL             : https://github.com/LibVNC/x11vnc
Licenses        : GPL2
Groups          : None
Provides        : None
Depends On      : libvncserver  openssl  libjpeg  libxtst  libxinerama  libxdamage  libxrandr  avahi
Optional Deps   : tk: GUI support
                  net-tools: -auth guess
                  xf86-video-dummy: Xdummy script
Conflicts With  : None
Replaces        : None
Download Size   : 635.70 KiB
Installed Size  : 1750.00 KiB
Packager        : Gaetan Bisson <bisson@archlinux.org>
Build Date      : Mon 13 Mar 2017 03:26:12 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [wvstreams] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl-1.0.

$ pacman -Si wvstreams
Repository      : community
Name            : wvstreams
Version         : 4.6.1-12
Description     : A network programming library written in C++
Architecture    : x86_64
URL             : http://alumnit.ca/wiki/?page=WvStreams
Licenses        : LGPL
Groups          : None
Provides        : None
Depends On      : zlib  pam  xplc  openssl-1.0  readline
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 1098.88 KiB
Installed Size  : 8180.00 KiB
Packager        : Antonio Rojas <arojas@archlinux.org>
Build Date      : Wed 05 Apr 2017 09:12:59 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [wt] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it optdepends on openssl.

$ pacman -Si wt
Repository      : community
Name            : wt
Version         : 3.3.7-3
Description     : a C++ library and application server for developing and deploying web applications
Architecture    : x86_64
URL             : http://www.webtoolkit.eu/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : boost-libs  libharu  graphicsmagick  pango  zlib
Optional Deps   : openssl: for SSL support in built-in webserver
                  fcgi: for FastCGI support
                  postgresql-libs: for PostgreSQL Dbo support
                  sqlite: for Sqlite Dbo support
                  mysql++: for the hangman example
                  qt4: for the Wt/Qt interopability example (wtwithqt)
Conflicts With  : None
Replaces        : None
Download Size   : 7.70 MiB
Installed Size  : 38.73 MiB
Packager        : Sven-Hendrik Haase <sh@lutzhaase.com>
Build Date      : Mon 17 Apr 2017 05:50:47 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [wpa_supplicant] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl-1.0.

$ pacman -Si wpa_supplicant
Repository      : core
Name            : wpa_supplicant
Version         : 1:2.6-5.hyperbola2
Description     : A utility providing key negotiation for WPA wireless networks, with OpenRC support
Architecture    : x86_64
URL             : https://w1.fi/wpa_supplicant/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : openssl  libdbus  readline  libnl
Optional Deps   : wpa_supplicant_gui: wpa_gui program
Conflicts With  : None
Replaces        : None
Download Size   : 826.26 KiB
Installed Size  : 3833.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Mon 16 Oct 2017 07:28:39 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [wpa_supplicant] adapt package in accordance with the H ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [wpa_actiond] adapt package in accordance with the Hype ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [wireless_tools] adapt package in accordance with the H ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [wireless-regdb] adapt package in accordance with the H ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFreedom IssueMediumLow[wiredtiger] vague terminology "Open Source" in descrip...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

community/wiredtiger 2.9.1-1
    High performance, scalable, production quality, NoSQL, Open Source extensible platform for data management

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

High performance, scalable, production quality, NoSQL, Free Software extensible platform for data management
PackagesAnyImplementation RequestMediumMedium [wine-stable] add package Closed
100%
Task Description

Add Wine stable version (2.x) as default Wine package.

PackagesAnyDrop RequestLowLow [wine*] remove unstable and staging packages Closed
100%
Task Description
$ pacman -Si wine
Repository      : multilib
Name            : wine
Version         : 2.7-1
Description     : A compatibility layer for running Windows programs
Architecture    : x86_64
URL             : http://www.winehq.com
Licenses        : LGPL
Groups          : None
Provides        : bin32-wine=2.7  wine-wow64=2.7
Depends On      : fontconfig  lib32-fontconfig  lcms2  lib32-lcms2  libxml2  lib32-libxml2  libxcursor  lib32-libxcursor  libxrandr  lib32-libxrandr  libxdamag
e  lib32-libxdamage  libxi  lib32-libxi  gettext  lib32-gettext  freetype2  lib32-freetype2  glu  lib32-glu  libsm  lib32-libsm  gcc-libs  lib32-gcc-libs  libp
cap  lib32-libpcap  desktop-file-utils
Optional Deps   : giflib
                  lib32-giflib
                  libpng
                  lib32-libpng
                  libldap
                  lib32-libldap
                  gnutls
                  lib32-gnutls
                  mpg123
                  lib32-mpg123
                  openal
                  lib32-openal
                  v4l-utils
                  lib32-v4l-utils
                  libpulse
                  lib32-libpulse
                  alsa-plugins
                  lib32-alsa-plugins
                  alsa-lib
                  lib32-alsa-lib
                  libjpeg-turbo
                  lib32-libjpeg-turbo
                  libxcomposite
                  lib32-libxcomposite
                  libxinerama
                  lib32-libxinerama
                  ncurses
                  lib32-ncurses
                  opencl-icd-loader
                  lib32-opencl-icd-loader
                  libxslt
                  lib32-libxslt
                  gst-plugins-base-libs
                  lib32-gst-plugins-base-libs
                  cups
                  samba
                  dosbox
Conflicts With  : bin32-wine  wine-wow64
Replaces        : bin32-wine
Download Size   : 48.95 MiB
Installed Size  : 387.66 MiB
Packager        : Sven-Hendrik Haase <sh@lutzhaase.com>
Build Date      : Sun 30 Apr 2017 09:09:05 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
$ pacman -Si wine-staging
Repository      : multilib
Name            : wine-staging
Version         : 2.7-1
Description     : A compatibility layer for running Windows programs - Staging branch
Architecture    : x86_64
URL             : http://www.wine-staging.com
Licenses        : LGPL
Groups          : None
Provides        : wine=2.7  wine-wow64=2.7
Depends On      : attr  lib32-attr  fontconfig  lib32-fontconfig  lcms2  lib32-lcms2  libxml2  lib32-libxml2  libxcursor  lib32-libxcursor  libxrandr  lib32-libxrandr  libxdamage  lib32-libxdamage  libxi  lib32-libxi  gettext  lib32-gettext  freetype2  lib32-freetype2  glu  lib32-glu  libsm  lib32-libsm  gcc-libs  lib32-gcc-libs  libpcap  lib32-libpcap  desktop-file-utils
Optional Deps   : giflib
                  lib32-giflib
                  libpng
                  lib32-libpng
                  libldap
                  lib32-libldap
                  gnutls
                  lib32-gnutls
                  mpg123
                  lib32-mpg123
                  openal
                  lib32-openal
                  v4l-utils
                  lib32-v4l-utils
                  libpulse
                  lib32-libpulse
                  alsa-plugins
                  lib32-alsa-plugins
                  alsa-lib
                  lib32-alsa-lib
                  libjpeg-turbo
                  lib32-libjpeg-turbo
                  libxcomposite
                  lib32-libxcomposite
                  libxinerama
                  lib32-libxinerama
                  ncurses
                  lib32-ncurses
                  opencl-icd-loader
                  lib32-opencl-icd-loader
                  libxslt
                  lib32-libxslt
                  libva
                  lib32-libva
                  gtk3
                  lib32-gtk3
                  gst-plugins-base-libs
                  lib32-gst-plugins-base-libs
                  vulkan-icd-loader
                  lib32-vulkan-icd-loader
                  cups
                  samba
                  dosbox
Conflicts With  : wine  wine-wow64
Replaces        : None
Download Size   : 42.36 MiB
Installed Size  : 404.19 MiB
Packager        : Felix Yan <felixonmars@archlinux.org>
Build Date      : Thu 04 May 2017 02:16:56 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
$ pacman -Ss wine-staging-nine
Repository      : multilib
Name            : wine-staging-nine
Version         : 2.7-1
Description     : A compatibility layer for running Windows programs - Staging branch with the gallium-nine patches
Architecture    : x86_64
URL             : http://www.wine-staging.com
Licenses        : LGPL
Groups          : None
Provides        : wine=2.7  wine-wow64=2.7  wine-staging=2.7
Depends On      : attr  lib32-attr  fontconfig  lib32-fontconfig  lcms2  lib32-lcms2  libxml2  lib32-libxml2  libxcursor  lib32-libxcursor  libxrandr  lib32-libxrandr  libxdamage  lib32-libxdamage  libxi  lib32-libxi  gettext  lib32-gettext  freetype2  lib32-freetype2  glu  lib32-glu  libsm  lib32-libsm  gcc-libs  lib32-gcc-libs  libpcap  lib32-libpcap  desktop-file-utils
Optional Deps   : giflib
                  lib32-giflib
                  libpng
                  lib32-libpng
                  libldap
                  lib32-libldap
                  gnutls
                  lib32-gnutls
                  mpg123
                  lib32-mpg123
                  openal
                  lib32-openal
                  v4l-utils
                  lib32-v4l-utils
                  libpulse
                  lib32-libpulse
                  alsa-plugins
                  lib32-alsa-plugins
                  alsa-lib
                  lib32-alsa-lib
                  libjpeg-turbo
                  lib32-libjpeg-turbo
                  libxcomposite
                  lib32-libxcomposite
                  libxinerama
                  lib32-libxinerama
                  ncurses
                  lib32-ncurses
                  opencl-icd-loader
                  lib32-opencl-icd-loader
                  libxslt
                  lib32-libxslt
                  libva
                  lib32-libva
                  gtk3
                  lib32-gtk3
                  gst-plugins-base-libs
                  lib32-gst-plugins-base-libs
                  vulkan-icd-loader
                  lib32-vulkan-icd-loader
                  cups
                  samba
                  dosbox
Conflicts With  : wine  wine-wow64  wine-staging
Replaces        : None
Download Size   : 42.42 MiB
Installed Size  : 404.60 MiB
Packager        : Laurent Carlier <lordheavym@gmail.com>
Build Date      : Thu 04 May 2017 04:46:19 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFreedom IssueMediumLow[wildmidi] vague terminology "Open Source" in descripti...Deferred
0%
Task Description

This package contains vague terminology “Open Source”:

extra/wildmidi 0.4.0-1
    Open Source MIDI Synthesizer

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

Free Software MIDI Synthesizer
PackagesAnyFeature RequestHighHigh [which] adapt package in accordance with the Hyperbola  ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnySecurity IssueVery HighCritical [wget] - GNU Wget Cookie Injection CVE-2018-0494 Closed
100%
Task Description

An external attacker is able to inject arbitrary cookie values cookie jar file,
adding new or replacing existing cookie values.
http://openwall.com/lists/oss-security/2018/05/06/1

Fixed in GNU Wget 1.19.5 or later.

PackagesAnyFeature RequestVery HighHigh [wesnoth] contains systemd unit files Closed
100%
Task Description

Description:

  • The Arch version of Wesnoth from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required or add OpenRC init scripts to replace it.

Additional info:
* package version(s)
* config and/or log files etc.

Repository      : community
Name            : wesnoth
Version         : 1.12.6-4
Description     : A turn-based strategy game on a fantasy world
Architecture    : x86_64
URL             : http://www.wesnoth.org/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : sdl_ttf  sdl_net  sdl_mixer  sdl_image  fribidi  boost-libs  pango  lua52  wesnoth-data  dbus  python2
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 4.97 MiB
Installed Size  : 22.86 MiB
Packager        : Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
Build Date      : Mon 02 Jan 2017 07:52:21 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
/usr/lib/systemd/system/wesnothd.service is owned by wesnoth 1.12.6-4
/usr/lib/tmpfiles.d/wesnothd.conf is owned by wesnoth 1.12.6-4

Steps to reproduce:

  • Install package.
PackagesAnyFeature RequestHighHigh [websocketpp] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it optdepends on openssl.

$ pacman -Si websocketpp
Repository      : community
Name            : websocketpp
Version         : 0.7.0-1
Description     : C++/Boost Asio based websocket client/server library
Architecture    : any
URL             : http://www.zaphoyd.com/websocketpp/
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : None
Optional Deps   : openssl: TLS socket component support
                  asio: alternative asio transport support
                  boost: non C++11 environments support
                  boost-libs: non C++11 environments support
Conflicts With  : None
Replaces        : None
Download Size   : 116.73 KiB
Installed Size  : 1002.00 KiB
Packager        : Levente Polyak <anthraxx@archlinux.org>
Build Date      : Tue 23 Feb 2016 09:20:59 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [webfs] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si webfs
Repository      : community
Name            : webfs
Version         : 1.21-13
Description     : Simple and instant http server for mostly static content.
Architecture    : x86_64
URL             : http://linux.bytesex.org/misc/webfs.html
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : mime-types  openssl
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 26.04 KiB
Installed Size  : 55.00 KiB
Packager        : Jelle van der Waa <jelle@vdwaa.nl>
Build Date      : Sat 04 Mar 2017 06:06:34 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFreedom IssueVery HighCritical [warsow] contains Steam support Closed
100%
Task Description

Warsow contains a library called steamlib which is built from the source. It’s useful only for Steam support which is nonfree software.

PackagesAnyFeature RequestHighHigh [vpnc] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si vpnc
Repository      : extra
Name            : vpnc
Version         : 0.5.3.svn550-2
Description     : VPN client for cisco3000 VPN Concentrators
Architecture    : x86_64
URL             : http://www.unix-ag.uni-kl.de/~massar/vpnc/
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : libgcrypt  openssl  iproute2
Optional Deps   : openresolv: Let vpnc manage resolv.conf
Conflicts With  : None
Replaces        : None
Download Size   : 71.40 KiB
Installed Size  : 196.00 KiB
Packager        : Jan de Groot <jgc@archlinux.org>
Build Date      : Sat 04 Mar 2017 07:15:23 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnySecurity IssueVery HighCritical [vlc] CVE-2018-11529 Closed
100%
Task Description

Description:

  • VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.

Additional info:
* package version(s)

  • 2.2.6-1.hyperbola1

* config and/or log files etc.

  • None

Steps to reproduce:

  • Run VLC
PackagesAnySecurity IssueVery HighCritical [vlc] CVE-2017-17670 Closed
100%
Task Description

Description:

  • In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.

Additional info:
* package version(s)

  • 2.2.6-1.hyperbola1

* config and/or log files etc.

  • None

Steps to reproduce:

  • Run VLC
PackagesAnyFeature RequestHighHigh [vi] adapt package in accordance with the Hyperbola Pac ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [vhba-module-lts] adapt package in accordance with the  ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [vhba-module-lts] adapt package in accordance with the  ...Closed
100%
Task Description

Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .

PackagesAnyFeature RequestHighHigh [vde2] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it depends on openssl.

$ pacman -Si vde2
Repository      : extra
Name            : vde2
Version         : 2.3.2-10
Description     : Virtual Distributed Ethernet for emulators like qemu
Architecture    : x86_64
URL             : https://sourceforge.net/projects/vde/
Licenses        : GPL  LGPL  CUSTOM
Groups          : None
Provides        : None
Depends On      : bash  libpcap  openssl
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 201.37 KiB
Installed Size  : 717.00 KiB
Packager        : Jan de Groot <jgc@archlinux.org>
Build Date      : Mon 20 Mar 2017 08:00:13 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [vagrant] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it makedepends on openssl-1.0.

$ pacman -Si vagrant
Repository      : community
Name            : vagrant
Version         : 1.9.3-1
Description     : Build and distribute virtualized development environments
Architecture    : x86_64
URL             : http://vagrantup.com
Licenses        : MIT
Groups          : None
Provides        : None
Depends On      : vagrant-substrate  libyaml
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 16.54 MiB
Installed Size  : 37.19 MiB
Packager        : Jonathan Steel <jsteel@archlinux.org>
Build Date      : Wed 29 Mar 2017 01:06:53 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
PackagesAnyFeature RequestHighHigh [uwsgi] rebuild package against libressl Closed
100%
Task Description

Rebuild package against libressl, since it makedepends on openssl.

$ pacman -Si uwsgi
Repository      : community
Name            : uwsgi
Version         : 2.0.15-1.hyperbola1
Description     : A fast, self-healing and developer/sysadmin-friendly application container server coded in pure C, with OpenRC support
Architecture    : x86_64
URL             : https://projects.unbit.it/uwsgi
Licenses        : GPL2
Groups          : None
Provides        : None
Depends On      : python2  libxml2  jansson  libyaml  libcap  pam  pcre
Optional Deps   : None
Conflicts With  : python-uwsgi
Replaces        : None
Download Size   : 361.88 KiB
Installed Size  : 1023.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sat 16 Sep 2017 06:00:29 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature
Showing tasks 1 - 50 of 731 Page 1 of 151 - 2 - 3 - 4 - 5 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing