|
Packages | Any | Security Issue | Very Low | Critical | [opensmtpd] CVE-2020-8794 | Unconfirmed | |
Task Description
Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/
Qualys Security Advisory
LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)
Summary Analysis ... Acknowledgments
We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This vulnerability, an out-of-bounds read introduced in December 2015 (commit 80c6a60c, “when peer outputs a multi-line response ...”), is exploitable remotely and leads to the execution of arbitrary shell commands: either as root, after May 2018 (commit a8e22235, “switch smtpd to new grammar”); or as any non-root user, before May 2018.
Because this vulnerability resides in OpenSMTPD’s client-side code (which delivers mail to remote SMTP servers), we must consider two different scenarios:
- Client-side exploitation: This vulnerability is remotely exploitable
in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.
- Server-side exploitation: First, the attacker must connect to the
OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).
We developed a simple exploit for this vulnerability and successfully tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the first vulnerable release), Debian 10 (stable), Debian 11 (testing), and Fedora 31.
The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”
|
|
Packages | Stable | Bug Report | Very Low | Critical | [gtk-2] Severe problems with GTK2-applications | Unconfirmed | |
Task Description
Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.
Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984
Affected are for example LXDE in general, icedove, iceweasel and many more!
|
|
Packages | Stable | Freedom Issue | Very Low | Critical | [keybase] Complete removal of tool | Unconfirmed | |
Task Description
There is only the source code of the client available and since years nothing more happened. With keybase joining “Zoom” nothing more seems to happen. Look also here in the forum: https://forums.hyperbola.info/viewtopic.php?id=368
|
|
Packages | Any | Bug Report | Very Low | High | Desite "noauto" specified in /etc/fstab all devices get... | Unconfirmed | |
Task Description
Description:
I have tried all combinations, but despite “noauto” specified in /etc/fstab all devices get mounted at boot.
Who can help me, not to mount a device during boot?
|
|
Packages | Any | Implementation Request | Very Low | High | [glom]: should depend on libgda | Unconfirmed | |
Task Description
Description:
glom cannot run without libgda, so it should depend on libgda package
|
|
Packages | Stable | Bug Report | Very Low | High | java cacerts file is empty | Unconfirmed | |
Task Description
/etc/ssl/certs/java/cacerts has 0 entries, resulting in ssl handshake errors in java applications.
Package versions: * ca-certificates 20170307-1 * ca-certificates-utils 20170307-1
|
|
Services | Wiki Page Issue | Bug Report | Very Low | High | HTML design on Wiki not readable | Unconfirmed | |
Task Description
The wiki pages look really too narrow and not readable on even half a screen of the laptop.
|
|
Packages | Any | Update Request | Very Low | High | [proj]: please update to latest version | Unconfirmed | |
Task Description
Description:
https://proj4.org/index.html
This package have valuable geodetic applications, and I intend to present Hyperbola GNU/Linux-libre soon in universities and schools in East Africa.
The coordinate system there is not WGS84 and this package only in new version is providing the conversion from East African geographic coordinates to WGS84, and will be very usable in many industrial and private applications.
|
|
Packages | Any | Security Issue | Very Low | High | [octopi] requires su | Unconfirmed | |
Task Description
would it be possible to make it use sudo instead?
From what I know, sudo is safer. Let me know if you agree this is a problem.
|
|
Packages | Any | Bug Report | Very Low | High | [kdelibs4support] XDG_RUNTIME_DIR not set | Unconfirmed | |
Task Description
Description:
This bug only appears when logged in as root on terminal
# kf5-config --version
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
Qt: 5.8.0
KDE Frameworks: 5.33.0
kf5-config: 1.0
Additional info:
* package version(s)
$ pacman -Si kdelibs4support
Repositorio : extra
Nombre : kdelibs4support
Versión : 5.33.0-1
Descripción : Porting aid from KDELibs4
Arquitectura : x86_64
URL : https://community.kde.org/Frameworks
Licencias : LGPL
Grupos : kf5-aids
Provee : Nada
Depende de : kunitconversion kitemmodels kemoticons kded kparts
Dependencias opcionales : Nada
En conflicto con : kde4support
Remplaza a : kde4support
Tamaño de la descarga : 3,03 MiB
Tamaño de la instalación : 17,36 MiB
Encargado : Felix Yan <felixonmars@archlinux.org>
Fecha de creación : jue 13 abr 2017 14:29:47 -05
Validado por : Suma MD5 Suma SHA-256 Firma
Steps to reproduce:
- Install KDE plasma
|
|
Packages | Any | Bug Report | Very Low | High | [blueman] org.freedesktop.DBus.Error.NameHasNoOwner | Unconfirmed | |
Task Description
Description:
org.freedesktop.DBus.Error.NameHasNoOwner: Could not get owner of name ‘org.bluez.obex’: no such name
Additional info: * package version(s)
$ pacman -Si blueman
Repositorio : community
Nombre : blueman
Versión : 2.0.4-3
Descripción : GTK+ Bluetooth Manager
Arquitectura : x86_64
URL : https://github.com/blueman-project/blueman
Licencias : GPL
Grupos : Nada
Provee : Nada
Depende de : bluez bluez-libs gtk3 libnotify python-cairo python-dbus
python-gobject
Dependencias opcionales : dnsmasq: Network Access Point (NAP) support
networkmanager: Dial Up Networking (DUN) and Personal Area
Networking (PAN) support
pulseaudio-bluetooth: audio devices support
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 1814,18 KiB
Tamaño de la instalación : 5345,00 KiB
Encargado : Felix Yan <felixonmars@archlinux.org>
Fecha de creación : dom 25 dic 2016 12:00:42 -05
Validado por : Suma MD5 Suma SHA-256 Firma
* config and/or log files etc.
(blueman-applet | ccze -A): - https://paste.debian.net/plain/1049476
(pkgfile -l blueman): - https://paste.debian.net/plain/1049477
Steps to reproduce:
- Install blueman
|
|
Packages | Stable | Bug Report | Very Low | High | [devede] xorriso unsupported option '-dvd-video' | Assigned | |
Task Description
Description:
Devede fails to convert transcoded videos to iso format with libburn-1.5.0.
Drive current: -outdev 'stdio:/home/heckyel/movie/movie.iso'
Media current: stdio file, overwriteable
Media status : is blank
Media summary: 0 sessions, 0 data blocks, 0 data, 334g free
xorriso : FAILURE : -as genisofs: Unsupported option '-dvd-video'
xorriso : NOTE : -return_with SORRY 32 triggered by problem severity FAI
Additional info:
$ pacman -Si devede
Repositorio : community
Nombre : devede
Versión : 4.8.8-1
Descripción : A program to create VideoDVDs and CDs
Arquitectura : any
URL : http://www.rastersoft.com/programas/devede.html
Licencias : GPL3
Grupos : Nada
Provee : Nada
Depende de : mencoder ffmpeg dvdauthor vcdimager cdrkit ttf-dejavu
gtk3 python-cairo python-gobject python-setuptools
Dependencias opcionales : mplayer
vlc
mpv
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 1640,88 KiB
Tamaño de la instalación : 3331,00 KiB
Encargado : Sergej Pupykin <pupykin.s+arch@gmail.com>
Fecha de creación : vie 10 feb 2017 05:06:37 -05
Validado por : Suma MD5 Suma SHA-256 Firma
Link’s code:
- https://gitlab.com/rastersoft/devedeng/blob/master/src/devedeng/mkisofs.py#L61
- https://gitlab.com/rastersoft/devedeng/blob/master/src/devedeng/genisoimage.py#L61
Steps to reproduce:
- Install devede - Create video DVD disc
|
|
Packages | Any | Freedom Issue | Very Low | High | [gitlab] systemd reference & command not found during i... | Unconfirmed | |
Task Description
(14/14) installing gitlab [##############################] 100% /tmp/alpm_bCqhHf/.INSTALL: line 2: systemd-tmpfiles: command not found
|
|
Packages | Stable | Freedom Issue | Very Low | High | GNU Privacy Assistant (GPA) | Unconfirmed | |
Task Description
Hello Hyperbola!
GPA gives out the following errors upon opening the app.
First:
``` The GPGME library returned an unexpected error at confdialog.c:1459. The error was:
Unsupported protocol
This is either an installation problem or a bug in GPA. GPA will now try to recover from this error. ```
Second:
``` Fatal Error in GPGME library (invoked from file options.c, line 302):
Unsupported protocol
The application will be terminated
What can I do to overcome these errors? ``` As this issue makes gpa app completely unusable, I have set this bug report’s severity as high.
I also request the admin to set priority to high due to it’s severity.
Thank you!
Regards, RG.
|
|
Packages | Any | Bug Report | Very Low | High | groff: package not built with URW fonts properly or suc... | Unconfirmed | |
Task Description
Description:
groff is typesetting system similar to TeX/LaTeX however, it is very small and very usable. It is not built properly with URW fonts, or such are missing, I cannot know all details. Overall groff package is basically somehow broken.
It shall depend on proper fonts, and such fonts should already be built, including their Unicode versions.
Package is only partially built.
|
|
Packages | Any | Implementation Request | Very Low | High | Add MPTCP (MultiPath TCP) to Hyperbola | Unconfirmed | |
Task Description
https://aur.archlinux.org/packages/linux-mptcp/
Kernel Patch for 4.9 : http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch
Compile : https://multipath-tcp.org/pmwiki.php/Users/DoItYourself
|
|
Packages | Stable | Bug Report | Very Low | High | [vlc] DVB : cache_block stream error: cannot pre fill b... | Unconfirmed | |
Task Description
Current VLC version (3.0.4-3.hyperbola1.backports1) fails to play DVB stream using a RTL2832 usb dongle.
I start the playlist like this :
vlc channels.conf
but it returns the following error :
cache_block stream error: cannot pre fill buffer
Also, it asks the user to be in “video” group to access DVB device, this was not needed before with Hyperbola 0.2.9. User being in “wheel” was enough. Anyway, even after adding my user to video group, it still fails with “cache_block stream error: cannot pre fill buffer”
This is not an issue with my DVB adapter or driver. rtl2832 is correctly loaded. And I can play the channels.conf playlist just fine with “mpv” or “mplayer”. Also, the channels.conf used works just fine with a more recent version of VLC on an other system (Manjaro) so something is broken with the current VLC used.
Maybe a package bump would fix the issue.
|
|
Installation | General | Freedom Issue | Very Low | High | [openbox] provides nonfree software support in the menu | Unconfirmed | |
Task Description
my recommended fix, make it reflect the applications that are actually installed on the system after removing non-free software support.
|
|
Installation | General | Freedom Issue | Very Low | High | FS#1445 - [fluxbox] provides nonfree software support i... | Unconfirmed | |
Task Description
recommended fix, remove non-free software entries in menu and replace them with applications that actually exist.
|
|
Packages | Any | Bug Report | Very Low | High | [rubyripper] GUI doesn't work | Unconfirmed | |
Task Description
rrip_gui does not work. The fix is to install cairo-gobject which is not in the repos. Attached is a working PKGBUILD adapted from the official one.
|
|
Packages | Stable | Bug Report | Very Low | High | [nftables] init service ERROR: nftables failed to start | Unconfirmed | |
Task Description
Error: conflicting protocols specified: inet-service vs. icmp
when using
ip protocol icmp icmp type echo-request counter accept comment “accept ICMP echo-request type” ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-reduction, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept comment “Accept ICMPv6”
It is a known bug on 0.7 and solved on 0.9
https://bugzilla.netfilter.org/show_bug.cgi?id=1073 commit 0011985554e269e1cc8f8e5b41eb9dcd795ebe8c fixes this problem upstream.
|
|
Packages | Any | Update Request | Very Low | High | [mpv] request for package bump | Unconfirmed | |
Task Description
Hello,
Would it be possible to get a package bump for mpv ?
Currently, Debian Buster (stable) uses 0.29.1-1. This would be great as it introduces many fixes and support for lua scripts I heavily use. 0.29.* requires a ffmpeg to 4.x series as well.
Thanks.
|
|
Packages | Any | Security Issue | Very Low | High | [tigervnc] Multiple CVE | Researching | |
Task Description
https://www.openwall.com/lists/oss-security/2019/12/20/2
“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”
|
|
Packages | Stable | Bug Report | Very Low | High | [ispell] require FHS | Requires Testing | |
Task Description
Description:
cant open /usr/local/lib/english.hash
Additional info:
Repository : extra
Name : ispell
Version : 3.3.02-7
Description : An interactive spell-checking program for Unix
Architecture : x86_64
URL : http://ficus-www.cs.ucla.edu/geoff/ispell.html
Licenses : BSD
Groups : None
Provides : None
Depends On : ncurses
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 321.26 KiB
Installed Size : 1336.00 KiB
Packager : Evangelos Foutras <evangelos@foutrelis.com>
Build Date : Sun Sep 6 12:07:06 2015
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
- Install package
|
|
Packages | Any | Freedom Issue | Very Low | High | Synergy en teclado en español no tiene tildes ni ñ | Unconfirmed | |
Task Description
Description: Share a single mouse and keyboard between multiple computers, with libressl and OpenRC support
Issue: Synergy no es capas de trasmitir tildes ni eñes y demás caracteres del español españa
Additional info: * package version(s): community/synergy 1.8.8-2.hyperbola1 * config and/or log files etc.
Steps to reproduce: instalarar synergy en 2 PCs con hyperbola 0.3, he intentar escribir tildes, no funcionará...
|
|
Services | Mail Service Issue | Security Issue | Very Low | High | Please "support" TLS 1.2 instead of requiring it for em... | Unconfirmed | |
Task Description
The requirement for TLS 1.2 in email effectively isolated us from internet, and yelling for change isn’t working even in communications with other free/libre system distributions and mailing lists related to free/libre software (both for software and for discussions related to the movement itself). :)
Many mailing lists at gnu.org, fsf.org, fsfla.org, libreplanet.org, and also in other free/libre system distributions aren’t accessible (e.g.: Trisquel).
|
|
Packages | Testing | Implementation Request | Very Low | Medium | [yaics] add package | Deferred | |
Task Description
Yaics is a simple GNU social client written in C++ and Qt and licensed under the GNU GPL 3.0 (or later).
Please implement yaics as an optional package.
https://stigatle.no/yaics/
https://gitlab.com/stigatle/yaics
|
|
Packages | Stable | Bug Report | Very Low | Medium | [kodi-addons-visualization] addons don't work | Unconfirmed | |
Task Description
After installation, none of the addons is present in Kodi!
|
|
Packages | Any | Privacy Issue | Very Low | Medium | [avahi] avahi publishes the hostname by default | Unconfirmed | |
Task Description
By default, the ‘disable-publishing’ parameter in the [publish] section of avahi-daemon.conf is set to ‘no’, which can be seen in my opinion as a privacy issue as avahi broadcasts the hostname without the user’s consent even though this has been explicitly disabled in the settings of networkmanager.
|
|
Services | Wiki Page Issue | Implementation Request | Very Low | Medium | Add notification/subscription capabilities when a page ... | Unconfirmed | |
Task Description
After talking to Emulatorman, we think this would be a nice feature to add to our Hyperwiki to be able to subscribe to the original page in English to help tracking changing to the translated pages. This implies to add the email notifications to the dokuwiki system
|
|
Packages | Stable | Bug Report | Very Low | Medium | [cowsay] perl-text-charwidth dependency missing | Unconfirmed | |
Task Description
cowsay (cowsay-3.03-9.hyperbola1) is missing perl-text-charwidth dependency
Error message :
“Can’t locate Text/CharWidth.pm in @INC (you may need to install the Text::CharWidth module) (@INC contains: /usr/lib/perl5/site_perl /usr/share/perl5/site_perl /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5/core_perl /usr/share/perl5/core_perl .) at /usr/bin/cowsay line 14. BEGIN failed–compilation aborted at /usr/bin/cowsay line 14.”
After installing perl-text-charwidth, it works fine.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [arm-linux-gnueabihf-gcc] add package | Unconfirmed | |
Task Description
Hello,
Could it be possible to add this package :
arm-linux-gnueabihf-gcc
“The GNU Compiler Collection (arm-linux-gnueabihf)”
Also requires :
arm-linux-gnueabihf-binutils (A set of programs to assemble and manipulate binary and object files) arm-linux-gnueabihf-glibc (GNU C Library)
https://aur.archlinux.org/packages/arm-linux-gnueabihf-gcc/
License : GPL
Thanks
|
|
Packages | Any | Implementation Request | Very Low | Medium | [etherpad-lite] add package | Unconfirmed | |
Task Description
Hi,
Would be nice to add etherpad-lite to our pacman.
https://github.com/ether/etherpad-lite
https://aur.archlinux.org/packages/etherpad-lite/
|
|
Packages | Stable | Bug Report | Very Low | Medium | [nfs-utils] missing idmapd.conf | Unconfirmed | |
Task Description
Hello,
When mounting an NFS share, I get a warning about missing idmpad.conf
rpc.idmapd: Skipping configuration file "/etc/idmapd.conf": No such file or directory
4341: * Stopping idmapd ...
Debian includes a default config file for idmap :
[General]
Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
# Domain = localdomain
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
|
|
Packages | Any | Implementation Request | Very Low | Medium | [gitea] self-hosted git service | Assigned | |
Task Description
Description:
A nice Git service would be welcomed in our pacman.
- https://github.com/go-gitea/gitea
- https://www.archlinux.org/packages/community/x86_64/gitea/
|
|
Packages | Any | Feature Request | Very Low | Medium | Qemu-kvm package request | Unconfirmed | |
Task Description
1:2.8 or later, qemu-kvm
This would make qemu so much easier and faster, please support this package.
|
|
Packages | Any | Drop Request | Very Low | Medium | [hardening-wrapper] deprecated, not needed anymore | Unconfirmed | |
Task Description
According to : https://github.com/thestinger/hardening-wrapper-deprecated
Wrapper scripts for building hardened executables by default (deprecated, replaced by standard Arch Linux toolchain changes)
|
|
Software Development | Iceweasel-UXP | Backport Request | Very Low | Medium | Request browser add-on: New Tab Tools | Unconfirmed | |
Task Description
Name: New Tab Tools Version: 81 (compatible Firefox version 52) Source code: Github Description: Customize Firefox’s. Tabs Page
https://github.com/darktrojan/newtabtools
https://addons.mozilla.org/en-US/firefox/addon/new-tab-tools/
|
|
Packages | Stable | Bug Report | Very Low | Medium | PCManFM display different behavior | Unconfirmed | |
Task Description
Description:
The problem is pcmanfm is not showing any partitions on the left side. It only show Home Folder, Desktop, Applications, Filesystem and the ext. hdd. If I include dbus-launch pcmanfm -d command, it show the other partitions on the left side of window but not ext. hdd. The drive/partitions are not encrypted. I do have dbus, gvfs & ntfs-3g installed and active services.
Additional info: * package version(s) PCManFM 1.2.5 - using LibFM ver. 1.2.5
Steps to reproduce: Original install from the livecd with LXDE but I may run Openbox standalone and get the same behavior with either environment. I do not have this issue running other distros.
|
|
Packages | Any | Feature Request | Very Low | Medium | Remove dependency of packages on pulseaudio/libpulse | Assigned | |
Task Description
Similar to systemd, pulseaudio or libpulse is forced upon users as many packages require it such as kodi, gnome-shell (and thus also gdm), ffmpeg, gst-plugins-good, simplescreenrecorder, clementine, empathy, seamonkey (iceape), fluidsynth, mumble and qemu, Most/all of these packages can probably be compiled with pulseaudio or libpulse as an optional dependency instead.
|
|
Packages | Any | Bug Report | Very Low | Medium | [mate-panel] country flags for keyboard layouts are mis... | Unconfirmed | |
Task Description
After enabling show-flags via dconf-editor in org.mate.peripherals-keyboard-xkb.indicator the flags don’t show up. The simple workaround is to copy flags you want into ~/.icons/flags (after creating the directory) from here
https://github.com/linuxmint/flags/tree/master/usr/share/iso-flag-png
and then to reboot.
It seems to be this bug:
https://askubuntu.com/questions/1059324/how-to-show-current-keyboard-layout-on-mate-panel-as-country-flag/1059325#1059325
|
|
Packages | Any | Bug Report | Very Low | Medium | [ffmpegthumbnailer] missing support for some media form... | Unconfirmed | |
Task Description
ffmpegthumbnailer does not support some media formats since they do not appear in its configuration file ffmpegthumbnailer.thumbnailer which can be found in /usr/share/thumbnailers/. By editing the file ffmpegthumbnailer.thumbnailer one can add thumbnail support for embedded art in audio formats such as flac and mp3 (using the -m flag) and thumbnail support for webp (a new image format which iceweasel-uxp and gthumb support). I’m attaching my edited file (I just added a few common audio formats and webp and added the -m flag and removed the -f flag).
|
|
Packages | Any | Implementation Request | Very Low | Medium | [foxtrotgps] please add package to repos | Unconfirmed | |
Task Description
Unlike other mapping software (gnome-maps, emerillon) it does not depend on geoclue/geoclue2 (or on kde packages like marble). The package was added to Arch’s official repos over a year ago. Their PKGBUILD builds fine.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [peertube] Add new Package | Unconfirmed | |
Task Description
Description:
Hi guys. Could they add PeerTube to Hyperbola?
It’s on AUR.
Under the AGPLv3 license
Additional info:
I see that the PeerTube help configuration with an init.d
|
|
Packages | Any | Feature Request | Very Low | Medium | [slim-themes] please add hyperbola branded variant | Unconfirmed | |
Task Description
slim-themes seems to be considered free according to Parabola - they have an issue with arch branding (slim-themes::::[branding][ :package] has “archlinux” theme) which they resolve be creating the package parabola-themes-slim. Perhaps this can be the basis for hyperbola branded themes.
https://git.parabola.nu/blacklist.git/plain/blacklist.txt https://www.parabola.nu/packages/libre/x86_64/parabola-themes-slim/
|
|
Packages | Any | Feature Request | Very Low | Medium | Add Trinity Desktop | Unconfirmed | |
Task Description
I would like this, because, it looks even better than xfce4. It does use an older qt3 though, BUT, they are maintaining QT3 and improving it themselves.
Plus, its more lightweight than xfce4 and maybe even lxqt too without looking like crap like lxqt and yet still is better than a WM.
I know you don’t like stuff that is abandonware in any sense, but given its being maintained, I hope you will add it.
But let me know.
|
|
Packages | Any | Security Issue | Very Low | Medium | [patch] CVE-2018-6951 - NULL pointer DoS | Assigned | |
Task Description
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a “mangled rename” issue.
https://security-tracker.debian.org/tracker/CVE-2018-6951
|
|
Packages | Any | Security Issue | Very Low | Medium | [qemu] Multiple CVE | Unconfirmed | |
Task Description
CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug https://www.openwall.com/lists/oss-security/2018/12/13/4
CVE-2018-16872 Qemu: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) https://www.openwall.com/lists/oss-security/2018/12/13/11
Patches included at above URLs.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [purple-matrix] Please add package | Unconfirmed | |
Task Description
Package is a libpurple plugin for the Matrix protocol which is consistent with Hyperbola’s social contract as Matrix is a federated protocol.
Source code can be found here licensed under GPLv2:
https://github.com/matrix-org/purple-matrix
PKGBUILD for git version is available here (last stable release is from two years ago so git version is probably the best version to use):
https://aur.archlinux.org/packages/purple-matrix-git/
|
|
Packages | Any | Implementation Request | Very Low | Medium | [i3-gaps] Add new package | Unconfirmed | |
Task Description
Description: i3-gaps is a fork of i3 that properly implements gaps.
Additional info: It is implemented in the AUR https://www.archlinux.org/packages/community/x86_64/i3-gaps/ and it’s source is available on github: https://github.com/Airblader/i3
|