All Projects

ProjectCategoryTask TypePrioritySeveritySummaryStatus  descProgress
PackagesAnyImplementation RequestVery LowMedium[purple-matrix] Please add packageUnconfirmed
0%
Task Description

Package is a libpurple plugin for the Matrix protocol which is consistent with Hyperbola’s social contract as Matrix is a federated protocol.

Source code can be found here licensed under GPLv2:

https://github.com/matrix-org/purple-matrix

PKGBUILD for git version is available here (last stable release is from two years ago so git version is probably the best version to use):

https://aur.archlinux.org/packages/purple-matrix-git/

PackagesAnyImplementation RequestVery LowMedium[i3-gaps] Add new packageUnconfirmed
0%
Task Description

Description: i3-gaps is a fork of i3 that properly implements gaps.

Additional info:
It is implemented in the AUR https://www.archlinux.org/packages/community/x86_64/i3-gaps/ and it’s source is available on github: https://github.com/Airblader/i3

PackagesAnyImplementation RequestVery LowLow[mkv-extractor-qt] add packageUnconfirmed
0%
Task Description

Could it be possible to add :

mkv-extractor-qt

“Graphical MKV demultiplexer”

https://aur.archlinux.org/packages/mkv-extractor-qt/

License: GPL3

Thanks

ServicesHyperWiki/DokuWikiImplementation RequestVery LowMediumProvide binaries for the Ice*-UXP applications in their...Unconfirmed
0%
Task Description

This would ease their usage on other distros.

PackagesAnyImplementation RequestVery LowLow[vidcutter] add packageUnconfirmed
0%
Task Description

Could it be possible to add :

vidcutter

“A modern, simple to use, constantly evolving and hella fast MEDIA CUTTER + JOINER w/ frame-accurate SmartCut technology + Qt5, libmpv, FFmpeg and MediaInfo powering the backend.”

License : GPL3

https://aur.archlinux.org/packages/vidcutter/

https://vidcutter.ozmartians.com/

PackagesAnyImplementation RequestVery LowMediumPrivacy Settings for IceapeUnconfirmed
0%
Task Description

This addon works for any firefox based browser but not seamonkey based or this.

I wondered if you could implement the iceweasel one for Iceape.

PackagesAnyImplementation RequestVery LowMedium[midori] please re-add new releasesUnconfirmed
0%
Task Description

The security issues regarding the package which led to the package’s removal from Hyperbola (old WebKit and Vala dependency) have apparently been resolved in recent releases, see the new comment in this bug report and the latest PKGBUILD in Arch’s repo.

https://launchpad.net/bugs/1698483

https://www.archlinux.org/packages/community/x86_64/midori/

PackagesAnyImplementation RequestVery LowLow[qarte] add packageUnconfirmed
0%
Task Description

Request for :

qarte

“Allow you to browse into the archive of arte+7 & arteLiveWeb sites and to record your prefered videos.”

https://aur.archlinux.org/packages/qarte

License : GPL3

PackagesAnyImplementation RequestVery LowMedium[nnn] package requestUnconfirmed
0%
Task Description

This is a request to package nnn - a full-featured terminal file manager for low-end devices and the regular desktop.

nnn is available on Debian, Ubuntu (and family), Fedora, OpenSUSE and Arch Linux.

Homepage: https://github.com/jarun/nnn License: BSD 2-Clause

I would highly appreciate if nnn can be added to the repository.

PackagesAnyImplementation RequestVery LowMediumSupport of MPTCP (Multipath TCP) on HyperbolaUnconfirmed
0%
Task Description

Patch for 4.9 : https://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

AUR : https://aur.archlinux.org/packages/linux-mptcp/

PackagesAnyImplementation RequestVery LowHighAdd MPTCP (MultiPath TCP) to HyperbolaUnconfirmed
0%
Task Description

https://aur.archlinux.org/packages/linux-mptcp/

Kernel Patch for 4.9 :
http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

Compile :
https://multipath-tcp.org/pmwiki.php/Users/DoItYourself

PackagesAnyImplementation RequestVery LowLow[xfce4-alsa-plugin] add packageUnconfirmed
0%
Task Description

Please add xfce4-alsa-plugin (to get rid of pulseaudio plugin on xfce)

License: GPL3

https://aur.archlinux.org/packages/xfce4-alsa-plugin/ https://github.com/equeim/xfce4-alsa-plugin

PackagesAnyImplementation RequestVery LowMedium[SPF][postfix] implement pypolicyd-spf and postfix-poli...Unconfirmed
0%
Task Description

Description:
Hyperbola has the following SPF implementations:
* libspf2
* perl-mail-spf
* perl-mail-spf-query

However, none of them work out of the box with postfix. There’s postfix-policyd-spf-perl, which uses one the current perl implementations (perl-mail-spf), takes no time to build and all the dependencies are already satisfied with Hyperbola’s packages

Here I made a PKGBUILD that’s compliant with the packaging standards:

pkgname=postfix-policyd-spf-perl
pkgver=2.011
pkgrel=1
pkgdesc='Postfix SPF policy engine, written in Perl'
arch=(i686 x86_64)
url='https://launchpad.net/postfix-policyd-spf-perl/'
license=(GPL)
depends=(perl-mail-spf perl-netaddr-ip perl-sys-hostname-long)
source=("https://launchpad.net/postfix-policyd-spf-perl/trunk/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('22fc00bf74912056a67e937a460ac1fd878f1cb1a3bfa7b19bc5f1e6bc1c36d815dcf8c945e818d242ed5e72a6295bb0e1569446e06b09aefb2842993b8016ba'
            'SKIP')
validpgpkeys=(E7729BFFBE85400FEEEE23B178D7DEFB9AD59AF1) # Scott Kitterman

package() {
  cd "${pkgname}-${pkgver}"

  install -Dm755 "${pkgname}" "${pkgdir}/usr/libexec/postfix/${pkgname}"
  install -Dm644 CHANGES INSTALL README -t "${pkgdir}/usr/share/doc/${pkgname}"
  install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

in the other hand, to give users the possibility of having more options, we could add pypolicyd-spf (AUR), which depends in pyspf (AUR) and other packages that Hyperbola has. In fact, ArchWiki talks about this implementation, but this might not be relevant.

PackagesStableImplementation RequestVery LowLow[xfe] Add Opus audio file type supportUnconfirmed
0%
Task Description

A format is not known or recognized in the original code base. To add a string into at the audio section in xferc.in:

opus = "<audioplayer>,<audioplayer>,audacity;Opus Audio;mp3_32x32.png;mp3_16x16.png;;"
PackagesStableImplementation RequestVery LowLow[codelite] Adding new packageUnconfirmed
0%
Task Description

The IDE codelite is an excellent development environment, continuously updated, has a clear vision and active support.
Would be nice to have this one within the repositories in upcoming releases, perhaps 0.5?

PackagesAnyImplementation RequestVery LowMedium[chdkptp] please add package to control Canon camerasUnconfirmed
0%
Task Description

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.

PackagesAnyImplementation RequestVery LowLow[chdkptp] please add package to reposUnconfirmed
0%
Task Description

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.

PackagesAnyPrivacy IssueVery LowMedium[avahi] avahi publishes the hostname by defaultUnconfirmed
0%
Task Description

By default, the ‘disable-publishing’ parameter in the [publish] section of avahi-daemon.conf is set to ‘no’, which can be seen in my opinion as a privacy issue as avahi broadcasts the hostname without the user’s consent even though this has been explicitly disabled in the settings of networkmanager.

PackagesAnyPrivacy IssueVery LowLow[purple-plugin-pack] Provides Napster support which is ...Unconfirmed
0%
Task Description

purple-plugin-pack provides access to Napster which is only useful with a single company and sever (as far as I could tell).

PackagesStableReplace RequestVery LowMediumPackage ossp has got systemd dependenciesUnconfirmed
0%
Task Description

Description: Concurrent package ossp in version 1.3.2-15 has got dependencies to systemd, which is contradicting the whole distribution and the used INIT-system. Therefore my request to port this to OpenRC!

Additional info:
* package version(s) 1.3.2-15

PackagesTestingReplace RequestVery LowMedium replace request: NetworkManager with wpa_cuteUnconfirmed
0%
Task Description

https://github.com/loh-tar/wpa-cute/releases

I know there are plans to remove NetworkManager. I wondered if we could replace it in 0.4 with Wpa_Cute. seen in the above link.

I haven’t been able to compile it, but it has been updated as recent as 2018 december (stable)

or 2019 january. :)

WPA_GUI doesn’t seem to work well for me, it runs into weird errors when I start it. Long story short, I run into this issue with wpa_supplicant when i do it manually:

https://wiki.archlinux.org/index.php/Wpa_supplicant:

Password-related problems

wpa_supplicant may not work properly if directly passed via stdin particularly long or complex passphrases which include special characters. This may lead to errors such as failed 4-way WPA handshake, PSK may be wrong when launching wpa_supplicant.

In order to solve this try using here strings wpa_passphrase <MYSSID> «< “<passphrase>” or passing a file to the -c flag instead:

# wpa_supplicant -i <interface> -c /etc/wpa_supplicant/example.conf

In some instances it was found that storing the passphrase cleartext in the psk key of the wpa_supplicant.conf network block gave positive results (see [2]). However, this approach is rather insecure. Using wpa_cli to create this file instead of manually writing it gives the best results most of the time and therefore is the recommended way to proceed.
Problems with eduroam and other MSCHAPv2 connections

This is my issue with wpa_supplicant sadly... and I do not know how to workaround that without a GUI.

but Wpa_Supplicant_gui does not fix it either, it doesn’t even load properly on my other laptop.

It says it cannot get the status of wpa_supplicant when I load it.

This could be an issue if you get rid of NetworkManager for some users.

So yeah, please take a look at my request okay? Wait for 0.3 to be released to add this if possible. I know you guys are overworked, etc... and it doesn’t need to be done now anyhow. ;)

PackagesAnySecurity IssueVery LowHigh[octopi] requires suUnconfirmed
0%
Task Description

would it be possible to make it use sudo instead?

From what I know, sudo is safer. Let me know if you agree this is a problem.

PackagesAnySecurity IssueVery LowMedium[qemu] Multiple CVEUnconfirmed
0%
Task Description

CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug
https://www.openwall.com/lists/oss-security/2018/12/13/4

CVE-2018-16872 Qemu: usb-mtp: path traversal by host filesystem
manipulation in Media Transfer Protocol (MTP)
https://www.openwall.com/lists/oss-security/2018/12/13/11

Patches included at above URLs.

PackagesAnySecurity IssueVery LowMediumDownload debian-fixes instead of relying on external so...Unconfirmed
0%
Task Description

It happened already with minetest and again with prosody: When trying to build own packages with makepkg there are patches downloaded from the Debian-project. But the given HTTP(S)-sources are no longer available, concrete example within prosody to be found: https://deb.debian.org/debian/pool/main/p/prosody/prosody_0.10.2-1~bpo9+1.debian.tar.xz (not available)

Please don’t rely on those external sources when creating PKGBUILD-files or just give users the possibility for a secure and granted download. Therefore I cannot build prosody on my own now!

PackagesAnySecurity IssueVery LowCritical[unbound] Multiple CVEsUnconfirmed
0%
Task Description

https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/

[Critical] https://security-tracker.debian.org/tracker/CVE-2019-18934

PackagesStableSecurity IssueVery LowCritical[lts-kernel][sec] filter /dev/mem access & restrict acc...Unconfirmed
0%
Task Description

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

PackagesAnySecurity IssueVery LowCritical[opensmtpd] CVE-2020-8794Unconfirmed
0%
Task Description

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

Contents

Summary
Analysis
...
Acknowledgments

Summary

We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This
vulnerability, an out-of-bounds read introduced in December 2015 (commit
80c6a60c, “when peer outputs a multi-line response ...”), is exploitable
remotely and leads to the execution of arbitrary shell commands: either
as root, after May 2018 (commit a8e22235, “switch smtpd to new
grammar”); or as any non-root user, before May 2018.

Because this vulnerability resides in OpenSMTPD’s client-side code
(which delivers mail to remote SMTP servers), we must consider two
different scenarios:

- Client-side exploitation: This vulnerability is remotely exploitable

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

- Server-side exploitation: First, the attacker must connect to the

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

We developed a simple exploit for this vulnerability and successfully
tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the
first vulnerable release), Debian 10 (stable), Debian 11 (testing), and
Fedora 31.

The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”

PackagesStableSecurity IssueVery LowMedium[git] Multiple CVEsUnconfirmed
0%
Task Description

CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).

Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.

But I have the following error on check():

 |  *** prove ***
 |
 |  Test Summary Report
 |  -------------------
 |  t5570-git-daemon.sh                              (Wstat: 256 Tests: 20 Failed: 10)
 |    Failed tests:  3-7, 15-19
 |    Non-zero exit status: 1
 |  t5811-proto-disable-git.sh                       (Wstat: 256 Tests: 26 Failed: 16)
 |    Failed tests:  2-6, 9-11, 15-19, 21-23
 |    Non-zero exit status: 1
 |  Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr  1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
 |  Result: FAIL
 |  make[1]: *** [Makefile:45: prove] Error 1
 |  make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
 |  make: *** [Makefile:2291: test] Error 2
 |  ==> ERROR: A failure occurred in check().
 |      Aborting...

This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).

PackagesAnyUpdate RequestMediumHighMake Knock patch for Linux-libre 4.14 LTSUnconfirmed
0%
Task Description

The Knock patches for linux-libre maintained by you at https://git.hyperbola.info:50100/kernels/knock.git/ have support up to linux-libre 4.13 only (and I think it didn’t work for it when I tried it, compilation failed) but from all of those supported versions, the newest maintained generation by the upstream is 4.9.x

However, since newer kernel generations might require reprogramming the patch, I want to request it only for the latest LTS generation which is 4.14. As you know, LTS software are supported for a long time, so it’s worth to make it for linux-libre 4.14.x

This might not be really important for Hyperbola in the short term, but you are the maintainers of the TCP Stealth implementation for Linux-libre and I and maybe other people would like to use it in their projects for newer versions.

Plus, it would be great since while 4.9 kernels can use the GRSec+Knock combination like linux-libre-lts-unofficial-grsec-knock, with support for 4.14 anyone would be able to use a combination of newer patches such as Linux-hardened+Knock (Linux-hardened supports 4.14 and 4.15 as of now) which is what I’d like to do.
https://github.com/copperhead/linux-hardened/releases

PackagesAnyUpdate RequestVery LowHigh[proj]: please update to latest versionUnconfirmed
0%
Task Description

Description:

https://proj4.org/index.html

This package have valuable geodetic applications, and I intend to present Hyperbola GNU/Linux-libre soon in universities and schools in East Africa.

The coordinate system there is not WGS84 and this package only in new version is providing the conversion from East African geographic coordinates to WGS84, and will be very usable in many industrial and private applications.

PackagesStableUpdate RequestVery LowMedium[cantarell-fonts] update package version to 0.111Unconfirmed
0%
Task Description

Prior version 0.0.25 and below are outdated.

Since version 0.100 and later, there are some changes being redesigned from scratch, added three new weights (including extra bold, light and thin) but not italic or oblique styles, AppStream metadata translations from contributors, and more.

See the version history releases for more details: https://gitlab.gnome.org/GNOME/cantarell-fonts/raw/master/NEWS

PackagesAnyUpdate RequestVery LowMedium[lmms] update package version to 1.2.0Unconfirmed
0%
Task Description

In the latest version, it has many more changes with new and improvement features, and fixes function issues since released as preview stage in every eight times per three years ago[1]. And also it is possible to rebuild package with sndio.

[1]: https://github.com/LMMS/lmms/releases/ (see all sections below from 1.2.0-RC1 to 1.2.0 in the version history releases)

PackagesAnyUpdate RequestVery LowHigh[mpv] request for package bumpUnconfirmed
0%
Task Description

Hello,

Would it be possible to get a package bump for mpv ?

Currently, Debian Buster (stable) uses 0.29.1-1. This would be great as it introduces many fixes and support for lua scripts I heavily use.
0.29.* requires a ffmpeg to 4.x series as well.

Thanks.

PackagesStableUpdate RequestVery LowLow[icewm] Upgrade package versionUnconfirmed
0%
Task Description

The current version of the package icewm within the Hyperbola-repositories is 1.3.8. The latest version is 1.6.3!
An update would be helpful as this window-manager follows absolutely the principles of the distribution Hyperbola itself, being simple and fast.

PackagesAnyUpdate RequestMediumHigh[php] is out of date/supportUnconfirmed
0%
Task Description

Description:

From official PHP page, our php 7.1 is out of support and security

Our package :
https://www.hyperbola.info/packages/extra/x86_64/php/

PHP page :
https://www.php.net/supported-versions.php

Showing tasks 451 - 485 of 485 Page 10 of 10<<First - 6 - 7 - 8 - 9 - 10

Available keyboard shortcuts

Tasklist

Task Details

Task Editing