|
Packages | Stable | Update Request | Very Low | Low | [icewm] Upgrade package version | Unconfirmed | |
Task Description
The current version of the package icewm within the Hyperbola-repositories is 1.3.8. The latest version is 1.6.3! An update would be helpful as this window-manager follows absolutely the principles of the distribution Hyperbola itself, being simple and fast.
|
|
Packages | Any | Bug Report | Very Low | Low | lightdm/lxdm bug | Unconfirmed | |
Task Description
It appears when I plug in my libreboot laptop x200 in, it appears to dim the screen and when its unplugged, the screen is bright again. Something peculiar is at work, I wondered if this could be fixed.
My assumption is it is related to lxdm or lightdm. Any thoughts?
I am currently using 0.4, so I don’t expect this to be a fast process, just when you get a chance okay?
|
|
Packages | Stable | Bug Report | Very Low | Critical | [smartmontools] update-smart-drivedb fails to update | Assigned | |
Task Description
smartmontools 6.5-1.hyperbola1
Error while trying to update smart-drivedb :
anon@test[~] update-smart-drivedb
External Link/usr/bin/update-smart-drivedb: download from branches/RELEASE_6_5_DRIVEDB failed (curl: exit 23)
/usr/bin/update-smart-drivedb: download from trunk failed (curl: exit 23)
|
|
Packages | Stable | Security Issue | Very Low | Critical | [lts-kernel][sec] filter /dev/mem access & restrict acc... | Unconfirmed | |
Task Description
These two options could be enabled :
Kernel hacking → [*] Filter access to /dev/mem [*] Filter I/O access to /dev/mem
Security options → [*] Restrict unprivileged access to the kernel syslog
|
|
Packages | Any | Freedom Issue | Very Low | Low | [hedgewars] Crash when starting a new singleplayer-camp... | Unconfirmed | |
Task Description
When trying to start a new campaign the complete game-engine is crashing with the following message:
Object::disconnect: Unexpected null parameter QCoreApplication::postEvent: Unexpected null receiver
As ghc and fpc should be removed in the near future it would be good to validate this or otherwise remove the game-package itself also.
|
|
Packages | Stable | Bug Report | Very Low | Low | [dhcpcd-ui] Adding icons from "Network-Manager Applet" | Unconfirmed | |
Task Description
When using the package for wireless connections no further icon is displayed without having the package [b]network-manager-applet[/b] installed.
|
|
Packages | Any | Security Issue | Very Low | High | [tigervnc] Multiple CVE | Researching | |
Task Description
https://www.openwall.com/lists/oss-security/2019/12/20/2
“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”
|
|
Packages | Any | Security Issue | Very Low | Critical | [opensmtpd] CVE-2020-8794 | Unconfirmed | |
Task Description
Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/
Qualys Security Advisory
LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)
Summary Analysis ... Acknowledgments
We discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This vulnerability, an out-of-bounds read introduced in December 2015 (commit 80c6a60c, “when peer outputs a multi-line response ...”), is exploitable remotely and leads to the execution of arbitrary shell commands: either as root, after May 2018 (commit a8e22235, “switch smtpd to new grammar”); or as any non-root user, before May 2018.
Because this vulnerability resides in OpenSMTPD’s client-side code (which delivers mail to remote SMTP servers), we must consider two different scenarios:
- Client-side exploitation: This vulnerability is remotely exploitable
in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.
- Server-side exploitation: First, the attacker must connect to the
OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).
We developed a simple exploit for this vulnerability and successfully tested it against OpenBSD 6.6 (the current release), OpenBSD 5.9 (the first vulnerable release), Debian 10 (stable), Debian 11 (testing), and Fedora 31.
The fix is delivered in OpenSMTPD 6.6.4p1, available here, which the developer recommends installing “AS SOON AS POSSIBLE.”
|
|
Packages | Any | Implementation Request | Very Low | Medium | [chdkptp] please add package to control Canon cameras | Unconfirmed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.
|
|
Packages | Any | Implementation Request | Very Low | Low | [chdkptp] please add package to repos | Unconfirmed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.
|
|
Packages | Stable | Security Issue | Very Low | Medium | [git] Multiple CVEs | Unconfirmed | |
Task Description
CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).
Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.
But I have the following error on check():
| *** prove ***
|
| Test Summary Report
| -------------------
| t5570-git-daemon.sh (Wstat: 256 Tests: 20 Failed: 10)
| Failed tests: 3-7, 15-19
| Non-zero exit status: 1
| t5811-proto-disable-git.sh (Wstat: 256 Tests: 26 Failed: 16)
| Failed tests: 2-6, 9-11, 15-19, 21-23
| Non-zero exit status: 1
| Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr 1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
| Result: FAIL
| make[1]: *** [Makefile:45: prove] Error 1
| make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
| make: *** [Makefile:2291: test] Error 2
| ==> ERROR: A failure occurred in check().
| Aborting...
This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).
|
|
Packages | Stable | Bug Report | Very Low | Critical | [gtk-2] Severe problems with GTK2-applications | Unconfirmed | |
Task Description
Description: Since the migration to xenocara there seems to be a bug with applications using GTK-2. From time to time there are crashes with assertion `!xcb_xlib_threads_sequence_lost’.
Looking into this a little bit more deep there are also other distributions affected and this is an upstream-bug. But the concrete situation is not that easy, while it could be also part of the library libX11 itself. Looking therefore here: https://bugs.launchpad.net/ubuntu/+source/pcmanfm/+bug/1782984
Affected are for example LXDE in general, icedove, iceweasel and many more!
|
|
Packages | Stable | Freedom Issue | Very Low | Critical | [keybase] Complete removal of tool | Unconfirmed | |
Task Description
There is only the source code of the client available and since years nothing more happened. With keybase joining “Zoom” nothing more seems to happen. Look also here in the forum: https://forums.hyperbola.info/viewtopic.php?id=368
|
|
Packages | Any | Update Request | Medium | High | [php] is out of date/support | Unconfirmed | |
Task Description
Description:
From official PHP page, our php 7.1 is out of support and security
Our package : https://www.hyperbola.info/packages/extra/x86_64/php/
PHP page : https://www.php.net/supported-versions.php
|
|
Packages | Any | Freedom Issue | Very Low | High | Synergy en teclado en español no tiene tildes ni ñ | Unconfirmed | |
Task Description
Description: Share a single mouse and keyboard between multiple computers, with libressl and OpenRC support
Issue: Synergy no es capas de trasmitir tildes ni eñes y demás caracteres del español españa
Additional info: * package version(s): community/synergy 1.8.8-2.hyperbola1 * config and/or log files etc.
Steps to reproduce: instalarar synergy en 2 PCs con hyperbola 0.3, he intentar escribir tildes, no funcionará...
|
|
Packages | Any | Feature Request | Defer | Low | [php-imagick] add package | Unconfirmed | |
Task Description
php-imagick is an optdepends for many PHP webapps like Nextcloud and Wordpress, would be good to have itin Hyperbola, Arch added it last year
|
|
Packages | Any | Security Issue | Very High | Critical | [grub2] UEFI SecureBoot vulnerability + multiple flaws ... | Unconfirmed | |
Task Description
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/
https://9to5linux.com/grub2-boot-failure-issues-fixed-in-debian-and-ubuntu-update-now
|
|
Packages | Any | Backport Request | Very Low | Low | elogind package | Unconfirmed | |
Task Description
Description: Was wondering if there is any issue in terms of freedom andor privacy for the inclusion of elogind? Feedback will be apreciated Cheers.
this was recently implemented in gentoo.
source: https://libregit.org/i3_relativism/elogind
references: https://blogs.gentoo.org/leio/2019/03/26/gnome-3-30/#comment-9555 https://forums.gentoo.org/viewtopic-t-1094796.html
contact gentoo developer for help in implementation: https://wiki.gentoo.org/wiki/User:Leio/TODO
|
|
Packages | Any | Security Issue | Very Low | Medium | mount.davfs: unknown file system davfs due to paths cha... | Unconfirmed | |
Task Description
This is same issue as on: https://bugzilla.redhat.com/show_bug.cgi?id=1151273
The paths changed and trying to mount davfs file system defined in /etc/fstab fails with error: unknown file system davfs
To remedy, I made symlink in /sbin to mount.davfs
The transition of paths had to take that in account as many mounted remote disks failed after upgrade.
|
|
Packages | Stable | Bug Report | Very Low | Medium | Untrsuted gpg key | Unconfirmed | |
Task Description
Description: There is an issue with Christian Rebischke key, i’ve tried to delete /etc/pacman.d/gnupg/ and repopulate it but it doesn’t fix the issue.
error: ascii: signature from “Christian Rebischke (Arch Linux Security Team-Member) Chris.Rebischke@archlinux.org” is unknown trust File /var/cache/pacman/pkg/ascii-3.15-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Steps to reproduce:
sudo pacman -S ascii
|
|
Packages | Stable | Update Request | Very Low | Medium | [varnish] Missing init script | Unconfirmed | |
Task Description
Description:
Init script is missing for this package.
I think has some systemd dependecies.
/tmp/alpm_sYmHUS/.INSTALL: line 7: systemd-sysusers: command not found error: command failed to execute correctly
package version: varnish-5.1.2-1
|
|
Services | HyperWiki/DokuWiki | Implementation Request | Medium | Medium | Libreboot hardening grub guide | Unconfirmed | |
Task Description
I don’t know if this is the best place for this, but I get stuck on the hardening the grub guide from libreboot,
https://libreboot.org/docs/gnulinux/grub_hardening.html
I wondered if there is anything different that needs to be done to get this part done:
gpg –homedir keys –detach-sign my.initramfs gpg –homedir keys –detach-sign my.kernel gpg –homedir keys –detach-sign libreboot_grub.cfg gpg –homedir keys –detach-sign my.grubtest.cfg
it gives me a bunch of weird errors
|
|
Services | HyperWeb Issue | Bug Report | Very Low | Low | RSS needs fixing | Unconfirmed | |
Task Description
Seems deleted items reappearing in the Hyperbola feeds since it gives its feed items empty ID string.
|
|
Services | Wiki Page Issue | Implementation Request | Very Low | Medium | Add notification/subscription capabilities when a page ... | Unconfirmed | |
Task Description
After talking to Emulatorman, we think this would be a nice feature to add to our Hyperwiki to be able to subscribe to the original page in English to help tracking changing to the translated pages. This implies to add the email notifications to the dokuwiki system
|
|
Services | Flyspray Issue | Implementation Request | Very Low | Low | Setting avatar picture on flyspry at issues.hyperbola.i... | Unconfirmed | |
Task Description
So avatar uploading is not working well, and picture is getting minimized to nothing.
|
|
Services | Wiki Page Issue | Bug Report | Very Low | High | HTML design on Wiki not readable | Unconfirmed | |
Task Description
The wiki pages look really too narrow and not readable on even half a screen of the laptop.
|
|
Services | General | Feature Request | Very Low | Low | hyperbola branding - add guidelines to packages | Unconfirmed | |
Task Description
I could not find any regarding using arch or other branded themes. Parabola apparently rebrands some stuff in their libre repository, eg. they have their own parabola-themes-slim package for slim based themes.
https://issues.hyperbola.info/index.php?do=details&task_id=1213&opened=24&status[0]=
|
|
Services | HyperWiki/DokuWiki | Implementation Request | Very Low | Medium | Provide binaries for the Ice*-UXP applications in their... | Unconfirmed | |
Task Description
This would ease their usage on other distros.
|
|
Services | Flyspray Issue | Bug Report | Very Low | Medium | [Flyspray] long tags break the backend | Unconfirmed | |
Task Description
When I was adding this task, I put some long tags on it (html form allowed that) and got an error concerning too long tags field to fit in an sql datatype (max is 40 chars). Task got added anyway (just without tags). I didn’t know that and created it again.
|
|
Services | HyperWeb | Bug Report | Very Low | Medium | The Mailling list don't work | Unconfirmed | |
Task Description
The Mailling list don't work : https://lists.hyperbola.info//mailman/listinfo/
|
|
Services | Mail Service Issue | Bug Report | Very Low | Medium | Cannot send emails to hyperbola.info addresses | Unconfirmed | |
Task Description
Hi,
My email server (riseup.net) fails to deliver emails to hyperbola.info. Here’s the error message coming in the returned email:
Reporting-MTA: dns; mx1.riseup.net
X-Postfix-Queue-ID: 49vvwD4xQnzFf2F
X-Postfix-Sender: rfc822; xxxxx@riseup.net
Arrival-Date: Sun, 28 Jun 2020 08:40:44 -0700 (PDT)
Final-Recipient: rfc822; xxxxx@hyperbola.info
Original-Recipient: rfc822;xxxxx@hyperbola.info
Action: failed
Status: 4.7.5
Diagnostic-Code: X-Postfix; Server certificate not verified
This problem did not occur last time I sent emails to a hyperbola.info account (December 2019). It does not happen with any other destination email server. My guess is that something isn’t properly configured in your server. If you conclude that this is a riseup.net problem, let me know and I’ll open a bug report with them.
|
|
Services | Mail Service Issue | Security Issue | Very Low | High | Please "support" TLS 1.2 instead of requiring it for em... | Unconfirmed | |
Task Description
The requirement for TLS 1.2 in email effectively isolated us from internet, and yelling for change isn’t working even in communications with other free/libre system distributions and mailing lists related to free/libre software (both for software and for discussions related to the movement itself). :)
Many mailing lists at gnu.org, fsf.org, fsfla.org, libreplanet.org, and also in other free/libre system distributions aren’t accessible (e.g.: Trisquel).
|
|
Services | Flyspray Issue | Security Issue | Very Low | Low | After account confirmation, crypt: No salt parameter wa... | Unconfirmed | |
Task Description
After confirming the newly created account (typing the confirmation code, the passwoard and its confirmation, and clicking the button to continue), the following error appears:
Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in /srv/http/flyspray/includes/class.flyspray.php on line 656
The account login seems to work normaly.
|
|
Services | Mail Service Issue | Feature Request | Very Low | Low | Support RFC 3461: Delivery Status Notifications (DSNs) | Unconfirmed | |
Task Description
The RFC 3461 would allow Hyperbola email accounts to request the destination email providers to point out if an email was successfully delivered.
It might not cover all transport failures, but at least has a chance to know in advance whether the message was delivered, discarding the events that happen afterwards (be it to the main inbox or subject to filtering rules such as moving to other folder, marking as spam or deleted after receipt).
|
|
Services | PunBB Issue | Bug Report | Very Low | Low | hyperbola forum smtp error and profile update | Unconfirmed | |
Task Description
here i will report 2 issues and one change to make issues: 1- there is a failed smtp error with post and reply 2- in the forum profile one cant add website with .xyz domain name
the change: 1- with pgp key one would add a short key link just like what was mentioned in here: https://forums.hyperbola.info/viewtopic.php?pid=2639#p2639
|
|
Software Development | HyperTools | Implementation Request | Low | Low | [hypertools] create libretools replacement for Hyperbol... | Deferred | |
Task Description
Create hypertools to replace libretools package for HyperbolaBSD and GNU/Linux
It’s long period to develop this package. For now, a systemd-nspawn wrapper is being developed for “libretools”[0]
[0]:https://issues.hyperbola.info/index.php?do=details&task_id=86
|
|
Software Development | Iceweasel-UXP | Implementation Request | Defer | Low | Swiftweasel-UXP theme for Iceweasel-UXP | Unconfirmed | |
Task Description
Description: Historically, Swiftweasel was a Firefox-based application built on XUL platform around 2007 and abandoned in 2010. It was optimized for several architectures using the following methods such as the Profile-Guided Optimization (PGO) and binary code optimization for computers with limited resources.
Since there are users encouraging us develop a Palemoon-based application , and Swiftweasel contains non-trademarked graphics and logos, we could port Swiftweasel to UXP platform as theme for Iceweasel-UXP.
|
|
Software Development | Icedove-UXP | Implementation Request | Defer | Low | Swiftdove-UXP theme for Icedove-UXP | Unconfirmed | |
Task Description
Description: Historically, Swiftdove was a Thunderbird-based application built on XUL platform around 2007 and abandoned in 2010. It was optimized for several architectures using the following methods such as the Profile-Guided Optimization (PGO) and binary code optimization for computers with limited resources.
Since FossaMail may potentially be revived on UXP in the future [0] and Swiftdove contains non-trademarked graphics and logos, we could port Swiftdove to UXP platform as theme for Icedove-UXP.
|
|
Software Development | Iceweasel-UXP | Backport Request | Very Low | Medium | Request browser add-on: New Tab Tools | Unconfirmed | |
Task Description
Name: New Tab Tools Version: 81 (compatible Firefox version 52) Source code: Github Description: Customize Firefox’s. Tabs Page
https://github.com/darktrojan/newtabtools
https://addons.mozilla.org/en-US/firefox/addon/new-tab-tools/
|
|
Software Development | Iceweasel-UXP | Backport Request | Very Low | Very Low | Request browser add-on: FireGestures | Unconfirmed | |
Task Description
Name: FireGestures Version: 1.11.1 (compatible Firefox version 52) Source code: Github Description: A customizable mouse gestures extension which enables to execute various commands and user scripts with six types of gestures.
https://github.com/gomita/firegestures/
https://addons.mozilla.org/en-US/firefox/addon/firegestures/
|
|
Software Development | General | Implementation Request | Very High | Critical | POWER (ppc64le) porting | Deferred | |
Task Description
The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .
Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.
For the future of free computing, we need support architectures that do not come with such malware pre-installed, and the Power9-based Talos II promises to be a great architecture example for workstations and servers environments where Hyperbola is focused since is a fully free long-term support distribution.
Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the POWER architecture (power64le).
NOTE: POWER porting is focused only for Hyperbola GNU/Linux-libre .
|
|
Software Development | General | Implementation Request | Very High | Critical | ARM (aarch and armv7h) porting | Deferred | |
Task Description
The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .
Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.
For the future of free computing, we need support architectures that do not come with such malware pre-installed, and ARM A7/A53 promises to be a great architecture example for low-power computers, laptops and embedded systems.
NOTE: ARM porting is focused only for HyperbolaBSD .
|
|
Software Development | General | Implementation Request | Defer | Critical | RISC-V (riscv64) porting + multilib support | Deferred | |
Task Description
The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .
Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.
For the future of free computing, we need support architectures that do not come with such malware pre-installed, and RISC-V promises to be a great architecture example for low-power computers, laptops and embedded systems, also as ARM architecture replacement.
Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the RISC-V architecture (riscv64) with multilib support.
NOTE: RISC-V porting is focused only for Hyperbola GNU/Linux-libre .
|
|
Software Development | Icedove-UXP | Bug Report | Very Low | Medium | CardBook addon make icedove crash wen adding or editing... | Unconfirmed | |
Task Description
the cardbook version is 30.9 i tried with vcard 4.0 and vcard 3.0 same issue editing or creating a contact makes icedove-uxp crash!
|