All Projects

ProjectCategoryTask TypePrioritySeveritySummaryStatus  descProgress
PackagesStableImplementation RequestVery LowLow[codelite] Adding new packageUnconfirmed
0%
Task Description

The IDE codelite is an excellent development environment, continuously updated, has a clear vision and active support.
Would be nice to have this one within the repositories in upcoming releases, perhaps 0.5?

PackagesAnyFreedom IssueVery LowLow[gnome] Complete remval of desktop-environmentUnconfirmed
0%
Task Description

Description: As Gnome has decided against following libre, free principles the desktop-environment has becoming a risk for the privacy and freedom for users. Meaning that the desktop-environment with all basic packages should be removed. Of course the final decision is up to the community and the development-team. Followed up are more reasons for the insights:

* Bloated with questionable dependencies (including mandatory systemd)
* Using proprietary services as high risk for freedom and privacy for users (https://i.stack.imgur.com/yZcyV.png)
* Coming up with questionable and vague principles, against software-freedom in a whole (inclusion of flatpak and flathub as so-called standardization for distributions, discussions about proprietary software included within the software-center)

Additional info for packages:

gnome-backgrounds
gnome-calculator
gnome-contacts
gnome-control-center
gnome-dictionary
gnome-disk-utility
gnome-font-viewer
gnome-keyring
gnome-screenshot
gnome-session
gnome-settings-daemon
gnome-shell
gnome-shell-extensions
gnome-system-monitor
gnome-terminal
gnome-themes-standard
gnome-user-docs
gnome-user-share
grilo-plugins

PackagesAnySecurity IssueVery LowMediumDownload debian-fixes instead of relying on external so...Unconfirmed
0%
Task Description

It happened already with minetest and again with prosody: When trying to build own packages with makepkg there are patches downloaded from the Debian-project. But the given HTTP(S)-sources are no longer available, concrete example within prosody to be found: https://deb.debian.org/debian/pool/main/p/prosody/prosody_0.10.2-1~bpo9+1.debian.tar.xz (not available)

Please don’t rely on those external sources when creating PKGBUILD-files or just give users the possibility for a secure and granted download. Therefore I cannot build prosody on my own now!

PackagesStableBug ReportVery LowMediumlinphonec error (cli version)Unconfirmed
0%
Task Description

Description:
linphonec is unusable because a error produce a continuous log

Additional info:
linphone 3.11.1-1.hyperbola1

Steps to reproduce:
linphonec

Log:
linphonec> 2019-12-15 19:25:58:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:03:012 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:08:018 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:13:013 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:18:016 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:23:014 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:28:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:33:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:38:012 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:43:015 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:48:010 ortp-error-Error in connect: Network is unreachable
2019-12-15 19:26:53:010 ortp-error-Error in connect: Network is unreachable

PackagesAnyBug ReportVery LowLowXenocara xbacklight bugUnconfirmed
0%
Task Description

When i try to set the brightness on my screen, with xbacklight -set 100,

it does this:

No outputs have backlight property

and it doesn’t really matter if I set it lower than 100 or what it currently is at.

Fix when you can please!

PackagesStableUpdate RequestVery LowLow[icewm] Upgrade package versionUnconfirmed
0%
Task Description

The current version of the package icewm within the Hyperbola-repositories is 1.3.8. The latest version is 1.6.3!
An update would be helpful as this window-manager follows absolutely the principles of the distribution Hyperbola itself, being simple and fast.

PackagesAnyBug ReportVery LowLowlightdm/lxdm bugUnconfirmed
0%
Task Description

It appears when I plug in my libreboot laptop x200 in, it appears to dim the screen and when its unplugged, the screen is bright again. Something peculiar is at work, I wondered if this could be fixed.

My assumption is it is related to lxdm or lightdm. Any thoughts?

I am currently using 0.4, so I don’t expect this to be a fast process, just when you get a chance okay?

PackagesStableSecurity IssueVery LowCritical[lts-kernel][sec] filter /dev/mem access & restrict acc...Unconfirmed
0%
Task Description

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

PackagesAnyFreedom IssueVery LowLow[hedgewars] Crash when starting a new singleplayer-camp...Unconfirmed
0%
Task Description

When trying to start a new campaign the complete game-engine is crashing with the following message:

Object::disconnect: Unexpected null parameter
QCoreApplication::postEvent: Unexpected null receiver

As ghc and fpc should be removed in the near future it would be good to validate this or otherwise remove the game-package itself also.

PackagesStableBug ReportVery LowLow[dhcpcd-ui] Adding icons from "Network-Manager Applet"Unconfirmed
0%
Task Description

When using the package for wireless connections no further icon is displayed without having the package [b]network-manager-applet[/b] installed.

PackagesAnySecurity IssueVery LowCritical[opensmtpd] CVE-2020-8794Unconfirmed
0%
Task Description

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

Contents

Summary
Analysis
...
Acknowledgments

Summary

We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This
vulnerability, an out-of-bounds read introduced in December 2015 (commit
80c6a60c, “when peer outputs a multi-line response ...”), is exploitable
remotely and leads to the execution of arbitrary shell commands: either
as root, after May 2018 (commit a8e22235, “switch smtpd to new
grammar”); or as any non-root user, before May 2018.

Because this vulnerability resides in OpenSMTPD’s client-side code
(which delivers mail to remote SMTP servers), we must consider two
different scenarios:

- Client-side exploitation: This vulnerability is remotely exploitable

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

- Server-side exploitation: First, the attacker must connect to the

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

We developed a simple exploit for this vulnerability and successfully
tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the
first vulnerable release), Debian 10 (stable), Debian 11 (testing), and
Fedora 31.

The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”

ServicesHyperWebBug ReportVery LowMediumThe Mailling list don't workUnconfirmed
0%
Task Description

The Mailling list don't work : https://lists.hyperbola.info//mailman/listinfo/

PackagesAnyImplementation RequestVery LowMedium[chdkptp] please add package to control Canon camerasUnconfirmed
0%
Task Description

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.

PackagesAnyImplementation RequestVery LowLow[chdkptp] please add package to reposUnconfirmed
0%
Task Description

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.

PackagesStableSecurity IssueVery LowMedium[git] Multiple CVEsUnconfirmed
0%
Task Description

CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).

Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.

But I have the following error on check():

 |  *** prove ***
 |
 |  Test Summary Report
 |  -------------------
 |  t5570-git-daemon.sh                              (Wstat: 256 Tests: 20 Failed: 10)
 |    Failed tests:  3-7, 15-19
 |    Non-zero exit status: 1
 |  t5811-proto-disable-git.sh                       (Wstat: 256 Tests: 26 Failed: 16)
 |    Failed tests:  2-6, 9-11, 15-19, 21-23
 |    Non-zero exit status: 1
 |  Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr  1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
 |  Result: FAIL
 |  make[1]: *** [Makefile:45: prove] Error 1
 |  make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
 |  make: *** [Makefile:2291: test] Error 2
 |  ==> ERROR: A failure occurred in check().
 |      Aborting...

This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).

PackagesStableBug ReportVery LowCritical[gtk-2] Severe problems with GTK2-applicationsUnconfirmed
0%
Task Description

Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.

Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984

Affected are for example LXDE in general, icedove, iceweasel and many more!

PackagesStableFreedom IssueVery LowCritical[keybase] Complete removal of toolUnconfirmed
0%
Task Description

There is only the source code of the client available and since years nothing more happened. With keybase joining “Zoom” nothing more seems to happen. Look also here in the forum: https://forums.hyperbola.info/viewtopic.php?id=368

PackagesAnyFreedom IssueVery LowHighSynergy en teclado en español no tiene tildes ni ñUnconfirmed
0%
Task Description

Description:
Share a single mouse and keyboard between multiple computers, with libressl and OpenRC support

Issue:
Synergy no es capas de trasmitir tildes ni eñes y demás caracteres del español españa

Additional info:
* package version(s): community/synergy 1.8.8-2.hyperbola1
* config and/or log files etc.

Steps to reproduce:
instalarar synergy en 2 PCs con hyperbola 0.3, he intentar escribir tildes, no funcionará...

ServicesMail Service IssueBug ReportVery LowMediumCannot send emails to hyperbola.info addressesUnconfirmed
0%
Task Description

Hi,

My email server (riseup.net) fails to deliver emails to hyperbola.info. Here’s the error message coming in the returned email:

Reporting-MTA: dns; mx1.riseup.net
X-Postfix-Queue-ID: 49vvwD4xQnzFf2F
X-Postfix-Sender: rfc822; xxxxx@riseup.net
Arrival-Date: Sun, 28 Jun 2020 08:40:44 -0700 (PDT)

Final-Recipient: rfc822; xxxxx@hyperbola.info
Original-Recipient: rfc822;xxxxx@hyperbola.info
Action: failed
Status: 4.7.5
Diagnostic-Code: X-Postfix; Server certificate not verified

This problem did not occur last time I sent emails to a hyperbola.info account (December 2019).
It does not happen with any other destination email server. My guess is that something isn’t properly configured in your server.
If you conclude that this is a riseup.net problem, let me know and I’ll open a bug report with them.

PackagesAnyImplementation RequestLowLow[codecrypt] add new packageUnconfirmed
0%
Task Description

This is a GnuPG-like unix program for encryption and signing that uses only quantum-computer-resistant algorithms:

  McEliece cryptosystem (compact QC-MDPC variant) for encryption
  Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures

Codecrypt is free software. The code is licensed under terms of LGPL3 in a good hope that it will make combinations with other tools easier.

PackagesAnyFeature RequestLowLow[scribus] missing hunspell supportUnconfirmed
0%
Task Description

I have noticed that the version of scribus that is available in hyperbola does not have the option of spelling correction and by references of the official scribus channel indicate that scribus has to be built with hunspell. I do not understand how that is done, I just need to be able to correct spelling from scribus.

PackagesAnyFeature RequestLowLow[npapi-vlc] package from git sourceUnconfirmed
0%
Task Description

Description: As mentioned in Bug #18, our VLC plugin was not maintained in some time and the deprecated addon was removed. However, upstream is actively working on the plugin as per: https://code.videolan.org/videolan/npapi-vlc/tree/master

We should build this from source and re-package.

PackagesStableBug ReportLowMediumGarbled display with xfce4-terminal (terminfo)Unconfirmed
0%
Task Description

A very nasty bug I wasn’t able to find an answer to.
I compiled stuff (buildroot) using menuconfig, the menu display was fine in xfce4-terminal (See screenshot #1)
I restarted the config a few days later with the same command :

$ make menuconfig

and this time the display was messed up (See screenshot #2)

After investigation, I noticed a directory (filled with stuff) have been created in my home folder :

.terminfo

I don’t know why. But anyway, if I delete it, then the display is ok again.
I noticed that if I use good old xterm terminal, then the display is fine even if the .terminfo directory is present. (it uses “xterm” instead of xterm-256color)

But, with xfce4-terminal (and others, I tried with gnome-terminal, sakura..), the display is messed up if the .terminfo directory is present in my home folder.

I also noticed that if I run the command in a screen session, the issue is not present.

(I open xfce4-terminal)

$ screen
$ printenv TERM
screen.xterm-256color
$ make menuconfig (or htop, or other program using ncurses)

= display ok

but with default :

(I open xfce4-terminal)

$ printenv TERM
xterm-256color
make menuconfig (or htop, or other program using ncurses)

= display messed up if .terminfo directory is present

So I have no idea why this .terminfo directory is generated. What could trigger its generation ? Is that an issue with ncurses or something else ?

Thanks for your help

PackagesAnyBug ReportLowHigh[kaccounts-integration] option to add NextCloud/OwnClou...Unconfirmed
0%
Task Description

Description:

  • Option to add NextCloud/OwnCloud accounts in ‘Online Accounts’ section of System Settings not appearing.

Additional info:
* package version(s)

  • 17.04.0-1

* config and/or log files etc.

  • N/A

Steps to reproduce:

  • Run application
  • Go to ‘Online Accounts’ section of System Settings
PackagesAnyBug ReportLowHigh[kdenetwork-kopete] clicking to add an Jabber Account o...Unconfirmed
0%
Task Description

Description:

  • Clicking to add an Jabber Account opens a dialog with no fields to enter information.

Additional info:
* package version(s)

  • 17.04.0-3.hyperbola1

* config and/or log files etc.

  • N/A

Steps to reproduce:

  • Run Application
  • Clicking to add an Jabber Account
ServicesHyperWiki/DokuWikiImplementation RequestMediumMediumLibreboot hardening grub guideUnconfirmed
0%
Task Description

I don’t know if this is the best place for this, but I get stuck on the hardening the grub guide from libreboot,

https://libreboot.org/docs/gnulinux/grub_hardening.html

I wondered if there is anything different that needs to be done to get this part done:

gpg –homedir keys –detach-sign my.initramfs
gpg –homedir keys –detach-sign my.kernel
gpg –homedir keys –detach-sign libreboot_grub.cfg
gpg –homedir keys –detach-sign my.grubtest.cfg

it gives me a bunch of weird errors

PackagesAnyImplementation RequestMediumLowScid vs. PC – PGN Reader/ChessBaseUnconfirmed
0%
Task Description

http://scidvspc.sourceforge.net/

PackagesAnyImplementation RequestMediumLowStockfish Chess EngineUnconfirmed
0%
Task Description

«Unlike most chess engines, Stockfish is open source (GPL license). That means you can read the code, modify it, contribute back, and even use it in your own projects.» I do not know if it is libre. If it is, together with Scid, Hyperbola is one step closer for every chess lover out there who also loves freedom!
https://stockfishchess.org/

PackagesAnyFeature RequestMediumMedium[pybitmessage] Package RequestUnconfirmed
0%
Task Description

PyBitmessage is a secure p2p e-mail alternative. It could be useful to package it.

https://github.com/Bitmessage/PyBitmessage/releases https://aur.archlinux.org/packages/pybitmessage/ https://aur.archlinux.org/packages/pybitmessage-git/ (contains a firejail profile)

PackagesAnyUpdate RequestMediumHighMake Knock patch for Linux-libre 4.14 LTSUnconfirmed
0%
Task Description

The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x

However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x

This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.

Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases

PackagesAnyFreedom IssueMediumLow[openjpeg] vague terminology "Open Source" in descripti...Unconfirmed
0%
Task Description

This package contains vague terminology “Open Source”:

extra/openjpeg 1.5.2-1
    An open source JPEG 2000 codec

According to:
https://www.gnu.org/distros/free-system-distribution-guidelines.html

We shall avoid vague terminology such as “Open Source”, please see here:
https://www.gnu.org/philosophy/words-to-avoid.html#Open

It would be good example to set to have proper description of packages without using “Open Source”.

eg.

A free software JPEG 2000 codec
PackagesAnyUpdate RequestMediumHigh[php] is out of date/supportUnconfirmed
0%
Task Description

Description:

From official PHP page, our php 7.1 is out of support and security

Our package :
https://www.hyperbola.info/packages/extra/x86_64/php/

PHP page :
https://www.php.net/supported-versions.php

PackagesAnyImplementation RequestVery HighMedium[coturn] add new packageUnconfirmed
0%
Task Description

Description:

  • add new package

Additional info:

Steps to reproduce:

  • none
PackagesAnyImplementation RequestVery HighMedium[mediagoblin] add GNU MediaGoblin packageUnconfirmed
0%
Task Description

Description:

  • add GNU MediaGoblin package

Additional info:

  • none

Steps to reproduce:

  • none
Showing tasks 451 - 484 of 484 Page 10 of 10<<First - 6 - 7 - 8 - 9 - 10

Available keyboard shortcuts

Tasklist

Task Details

Task Editing