|
Packages | Any | Implementation Request | Very Low | High | [glom]: should depend on libgda | Unconfirmed | |
Task Description
Description:
glom cannot run without libgda, so it should depend on libgda package
|
|
Packages | Any | Implementation Request | Very Low | Medium | [gitea] self-hosted git service | Assigned | |
Task Description
Description:
A nice Git service would be welcomed in our pacman.
- https://github.com/go-gitea/gitea
- https://www.archlinux.org/packages/community/x86_64/gitea/
|
|
Packages | Any | Implementation Request | Very Low | Low | [exifread] add package | Unconfirmed | |
Task Description
Hello,
Could it be possible to add this package :
exifread
“Python library to extract EXIF data from tiff and jpeg files”
https://aur.archlinux.org/packages/exifread/
Thanks
|
|
Packages | Any | Implementation Request | Very Low | Low | [obmenu-generator] add package | Unconfirmed | |
Task Description
Could it be possible to add :
obmenu-generator
A fast pipe/static menu generator for the Openbox Window Manager (with icons support)
License : GPL3
https://github.com/trizen/obmenu-generator https://www.parabola.nu/packages/pcr/x86_64/obmenu-generator/
Thanks
|
|
Packages | Any | Implementation Request | Very Low | Low | [sayonara] add package | Unconfirmed | |
Task Description
Hello,
I stumbled upon this music player recently, it is very promising and fully free (GPL3)
“Sayonara is a small, clear and fast audio player for Linux written in C++, supported by the Qt framework. It uses GStreamer as audio backend. Sayonara is open source and uses the GPLv3 license. One of Sayonara’s goals is intuitive and easy usablility. Currently, it is only available for Linux and BSD.
Although Sayonara can be considered as a lightweight player, it holds a lot of features in order to organize even big music collections.”
Latest version is 1.1.1 and it is very stable on my hyperbola system. I think it would be a great addition to Hyperbola repo.
https://sayonara-player.com/
A PKGBUILD is available here :
https://sayonara-player.com/sw/arch_linux/PKGBUILD
|
|
Packages | Any | Implementation Request | Very High | High | [murmur-headless] add a Murmur package capable of worki... | In Progress | |
Task Description
Description:
Add new a Murmur package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.
Additional info:
Steps to reproduce:
|
|
Packages | Any | Implementation Request | Very High | High | [asterisk-headless] add an Asterisk package capable of ... | In Progress | |
Task Description
Description:
Add an Asterisk package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.
Additional info:
Steps to reproduce:
|
|
Packages | Any | Implementation Request | Very High | Medium | [coturn] add new package | Unconfirmed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Packages | Any | Implementation Request | Very High | Medium | [mediagoblin] add GNU MediaGoblin package | Unconfirmed | |
Task Description
Description:
Additional info:
Steps to reproduce:
|
|
Packages | Any | Implementation Request | Very Low | Medium | [foxtrotgps] please add package to repos | Unconfirmed | |
Task Description
Unlike other mapping software (gnome-maps, emerillon) it does not depend on geoclue/geoclue2 (or on kde packages like marble). The package was added to Arch’s official repos over a year ago. Their PKGBUILD builds fine.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [peertube] Add new Package | Unconfirmed | |
Task Description
Description:
Hi guys. Could they add PeerTube to Hyperbola?
It’s on AUR.
Under the AGPLv3 license
Additional info:
I see that the PeerTube help configuration with an init.d
|
|
Packages | Any | Implementation Request | Very Low | Medium | [purple-matrix] Please add package | Unconfirmed | |
Task Description
Package is a libpurple plugin for the Matrix protocol which is consistent with Hyperbola’s social contract as Matrix is a federated protocol.
Source code can be found here licensed under GPLv2:
https://github.com/matrix-org/purple-matrix
PKGBUILD for git version is available here (last stable release is from two years ago so git version is probably the best version to use):
https://aur.archlinux.org/packages/purple-matrix-git/
|
|
Packages | Any | Implementation Request | Very Low | Medium | [i3-gaps] Add new package | Unconfirmed | |
Task Description
Description: i3-gaps is a fork of i3 that properly implements gaps.
Additional info: It is implemented in the AUR https://www.archlinux.org/packages/community/x86_64/i3-gaps/ and it’s source is available on github: https://github.com/Airblader/i3
|
|
Packages | Any | Implementation Request | Very Low | Low | [mkv-extractor-qt] add package | Unconfirmed | |
Task Description
Could it be possible to add :
mkv-extractor-qt
“Graphical MKV demultiplexer”
https://aur.archlinux.org/packages/mkv-extractor-qt/
License: GPL3
Thanks
|
|
Packages | Any | Implementation Request | Very Low | Low | [vidcutter] add package | Unconfirmed | |
Task Description
Could it be possible to add :
vidcutter
“A modern, simple to use, constantly evolving and hella fast MEDIA CUTTER + JOINER w/ frame-accurate SmartCut technology + Qt5, libmpv, FFmpeg and MediaInfo powering the backend.”
License : GPL3
https://aur.archlinux.org/packages/vidcutter/
https://vidcutter.ozmartians.com/
|
|
Packages | Any | Implementation Request | Very Low | Medium | Privacy Settings for Iceape | Unconfirmed | |
Task Description
This addon works for any firefox based browser but not seamonkey based or this.
I wondered if you could implement the iceweasel one for Iceape.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [midori] please re-add new releases | Unconfirmed | |
Task Description
The security issues regarding the package which led to the package’s removal from Hyperbola (old WebKit and Vala dependency) have apparently been resolved in recent releases, see the new comment in this bug report and the latest PKGBUILD in Arch’s repo.
https://launchpad.net/bugs/1698483
https://www.archlinux.org/packages/community/x86_64/midori/
|
|
Packages | Any | Implementation Request | Very Low | Low | [qarte] add package | Unconfirmed | |
Task Description
Request for :
qarte
“Allow you to browse into the archive of arte+7 & arteLiveWeb sites and to record your prefered videos.”
https://aur.archlinux.org/packages/qarte
License : GPL3
|
|
Packages | Any | Implementation Request | Very Low | Medium | [nnn] package request | Unconfirmed | |
Task Description
This is a request to package nnn - a full-featured terminal file manager for low-end devices and the regular desktop.
nnn is available on Debian, Ubuntu (and family), Fedora, OpenSUSE and Arch Linux.
Homepage: https://github.com/jarun/nnn License: BSD 2-Clause
I would highly appreciate if nnn can be added to the repository.
|
|
Packages | Any | Implementation Request | Very Low | Medium | Support of MPTCP (Multipath TCP) on Hyperbola | Unconfirmed | |
Task Description
Patch for 4.9 : https://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch
AUR : https://aur.archlinux.org/packages/linux-mptcp/
|
|
Packages | Any | Implementation Request | Very Low | High | Add MPTCP (MultiPath TCP) to Hyperbola | Unconfirmed | |
Task Description
https://aur.archlinux.org/packages/linux-mptcp/
Kernel Patch for 4.9 : http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch
Compile : https://multipath-tcp.org/pmwiki.php/Users/DoItYourself
|
|
Packages | Any | Implementation Request | Low | Low | [opmsg] add new package | Researching | |
Task Description
Description: opmsg is a replacement for gpg which can encrypt/sign/verify your mails or create/verify detached signatures of local files. Even though the opmsg output looks similar, the concept is entirely different.
Additional info: https://aur.archlinux.org/packages/opmsg/
|
|
Packages | Any | Implementation Request | Very Low | Low | [xfce4-alsa-plugin] add package | Unconfirmed | |
Task Description
Please add xfce4-alsa-plugin (to get rid of pulseaudio plugin on xfce)
License: GPL3
https://aur.archlinux.org/packages/xfce4-alsa-plugin/ https://github.com/equeim/xfce4-alsa-plugin
|
|
Packages | Any | Implementation Request | Very Low | Medium | [SPF][postfix] implement pypolicyd-spf and postfix-poli... | Unconfirmed | |
Task Description
Description: Hyperbola has the following SPF implementations: * libspf2 * perl-mail-spf * perl-mail-spf-query
However, none of them work out of the box with postfix. There’s postfix-policyd-spf-perl, which uses one the current perl implementations (perl-mail-spf), takes no time to build and all the dependencies are already satisfied with Hyperbola’s packages
Here I made a PKGBUILD that’s compliant with the packaging standards:
pkgname=postfix-policyd-spf-perl
pkgver=2.011
pkgrel=1
pkgdesc='Postfix SPF policy engine, written in Perl'
arch=(i686 x86_64)
url='https://launchpad.net/postfix-policyd-spf-perl/'
license=(GPL)
depends=(perl-mail-spf perl-netaddr-ip perl-sys-hostname-long)
source=("https://launchpad.net/postfix-policyd-spf-perl/trunk/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('22fc00bf74912056a67e937a460ac1fd878f1cb1a3bfa7b19bc5f1e6bc1c36d815dcf8c945e818d242ed5e72a6295bb0e1569446e06b09aefb2842993b8016ba'
'SKIP')
validpgpkeys=(E7729BFFBE85400FEEEE23B178D7DEFB9AD59AF1) # Scott Kitterman
package() {
cd "${pkgname}-${pkgver}"
install -Dm755 "${pkgname}" "${pkgdir}/usr/libexec/postfix/${pkgname}"
install -Dm644 CHANGES INSTALL README -t "${pkgdir}/usr/share/doc/${pkgname}"
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}
in the other hand, to give users the possibility of having more options, we could add pypolicyd-spf (AUR), which depends in pyspf (AUR) and other packages that Hyperbola has. In fact, ArchWiki talks about this implementation, but this might not be relevant.
|
|
Packages | Any | Implementation Request | Very Low | Low | [emacs-exwm] add package | Assigned | |
Task Description
Some users use emacs as a tiling window manager. Please add EXWM[0]
[0]: https://github.com/ch11ng/exwm
|
|
Packages | Any | Implementation Request | Very Low | Low | [SafeEyes] add new package | Assigned | |
Task Description
Safe Eyes is a program to manage breaks in front of the computer. It has many features that help us adapt it to our needs.
|
|
Packages | Any | Implementation Request | Very Low | Medium | [chdkptp] please add package to control Canon cameras | Unconfirmed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.
|
|
Packages | Any | Implementation Request | Very Low | Low | [chdkptp] please add package to repos | Unconfirmed | |
Task Description
CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.
Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.
Code is available via svn:
$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp
Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.
|
|
Packages | Any | Privacy Issue | Very Low | Medium | [avahi] avahi publishes the hostname by default | Unconfirmed | |
Task Description
By default, the ‘disable-publishing’ parameter in the [publish] section of avahi-daemon.conf is set to ‘no’, which can be seen in my opinion as a privacy issue as avahi broadcasts the hostname without the user’s consent even though this has been explicitly disabled in the settings of networkmanager.
|
|
Packages | Any | Privacy Issue | Very Low | Low | [purple-plugin-pack] Provides Napster support which is ... | Unconfirmed | |
Task Description
purple-plugin-pack provides access to Napster which is only useful with a single company and sever (as far as I could tell).
|
|
Packages | Any | Privacy Issue | Very Low | Low | [github] check github-related packages | Researching | |
Task Description
We should check if the following packages run any non-free JS (like youtube-dl) or access a proprietary API:
- hub - python-pygithub - python2-pygithub
I haven’t check them, but they look fishy. Take it as a reminder, this is far from being urgent IMO.
|
|
Packages | Any | Privacy Issue | Very Low | Critical | [bleachbit] needs to be adapted to UXP applications | Assigned | |
Task Description
The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.
|
|
Packages | Testing | Replace Request | Very Low | Medium | replace request: NetworkManager with wpa_cute | Unconfirmed | |
Task Description
https://github.com/loh-tar/wpa-cute/releases
I know there are plans to remove NetworkManager. I wondered if we could replace it in 0.4 with Wpa_Cute. seen in the above link.
I haven’t been able to compile it, but it has been updated as recent as 2018 december (stable)
or 2019 january. :)
WPA_GUI doesn’t seem to work well for me, it runs into weird errors when I start it. Long story short, I run into this issue with wpa_supplicant when i do it manually:
https://wiki.archlinux.org/index.php/Wpa_supplicant:
Password-related problems
wpa_supplicant may not work properly if directly passed via stdin particularly long or complex passphrases which include special characters. This may lead to errors such as failed 4-way WPA handshake, PSK may be wrong when launching wpa_supplicant.
In order to solve this try using here strings wpa_passphrase <MYSSID> «< “<passphrase>” or passing a file to the -c flag instead:
# wpa_supplicant -i <interface> -c /etc/wpa_supplicant/example.conf
In some instances it was found that storing the passphrase cleartext in the psk key of the wpa_supplicant.conf network block gave positive results (see [2]). However, this approach is rather insecure. Using wpa_cli to create this file instead of manually writing it gives the best results most of the time and therefore is the recommended way to proceed. Problems with eduroam and other MSCHAPv2 connections
This is my issue with wpa_supplicant sadly... and I do not know how to workaround that without a GUI.
but Wpa_Supplicant_gui does not fix it either, it doesn’t even load properly on my other laptop.
It says it cannot get the status of wpa_supplicant when I load it.
This could be an issue if you get rid of NetworkManager for some users.
So yeah, please take a look at my request okay? Wait for 0.3 to be released to add this if possible. I know you guys are overworked, etc... and it doesn’t need to be done now anyhow. ;)
|
|
Packages | Stable | Replace Request | Very Low | Medium | Package ossp has got systemd dependencies | Unconfirmed | |
Task Description
Description: Concurrent package ossp in version 1.3.2-15 has got dependencies to systemd, which is contradicting the whole distribution and the used INIT-system. Therefore my request to port this to OpenRC!
Additional info: * package version(s) 1.3.2-15
|
|
Packages | Any | Replace Request | Low | Low | [appmenu-qt4] replace with appmenu-qt (qt5) | Deferred | |
Task Description
“appmenu-qt4”[0][2] is a deprecated package (release in 2012)[1] and use qt4 unsupported/non-lts software[3], but “appmenu-qt5” not contains any release source code[2]
$ pacman -Si appmenu-qt4 Repository : community Name : appmenu-qt4 Version : 0.2.6-1 Description : Export Qt4 applications menus over D-Bus Architecture : x86_64 URL : https://launchpad.net/appmenu-qt Licenses : GPL Groups : None Provides : None Depends On : libdbusmenu-qt4 Optional Deps : None Conflicts With : appmenu-qt Replaces : appmenu-qt Download Size : 16.55 KiB Installed Size : 48.00 KiB Packager : Antonio Rojas arojas@archlinux.org Build Date : Tue 28 Feb 2017 05:59:31 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://launchpad.net/appmenu-qt (qt4) [1]:https://launchpad.net/appmenu-qt/+download [2]:https://launchpad.net/appmenu-qt5 [3]:https://en.wikipedia.org/wiki/Qt_5.6_LTS
|
|
Packages | Any | Replace Request | Defer | Critical | [bzr] replace deprecated GNU Bazaar to Brezy | Deferred | |
Task Description
Description:
replace deprecated GNU Bazaar to Brezy for Canis Major
Additional info:
bzr 2.7.0-2
GNU Bazaar will be unmaintained (for now, there are only bug fixes)
GNU Bazaar only supports Python 2.
-
-
-
Note: It needs a provide: bazaar and brezy
Steps to reproduce:
|
|
Packages | Stable | Security Issue | Very Low | Critical | [lts-kernel][sec] filter /dev/mem access & restrict acc... | Unconfirmed | |
Task Description
These two options could be enabled :
Kernel hacking → [*] Filter access to /dev/mem [*] Filter I/O access to /dev/mem
Security options → [*] Restrict unprivileged access to the kernel syslog
|
|
Packages | Stable | Security Issue | Very Low | Medium | [git] Multiple CVEs | Unconfirmed | |
Task Description
CVE-2020-5260 has been fixed very recently in Debian, so I thought I would apply this patch. However, I found out that security patches have not been applied for quite a while (I could account for at least 6 CVEs).
Considering that the version in Debian stretch (2.11.0) is the nearest version with security patches released by Debian and that git project oldest supported version is 2.17, I have used patches from Debian stretch to apply on 2.12.2 currently in Milky Way.
But I have the following error on check():
| *** prove ***
|
| Test Summary Report
| -------------------
| t5570-git-daemon.sh (Wstat: 256 Tests: 20 Failed: 10)
| Failed tests: 3-7, 15-19
| Non-zero exit status: 1
| t5811-proto-disable-git.sh (Wstat: 256 Tests: 26 Failed: 16)
| Failed tests: 2-6, 9-11, 15-19, 21-23
| Non-zero exit status: 1
| Files=769, Tests=14137, 1101 wallclock secs ( 8.08 usr 1.12 sys + 144.48 cusr 63.42 csys = 217.10 CPU)
| Result: FAIL
| make[1]: *** [Makefile:45: prove] Error 1
| make[1]: Leaving directory '/build/git/src/git-2.12.2/t'
| make: *** [Makefile:2291: test] Error 2
| ==> ERROR: A failure occurred in check().
| Aborting...
This does not seem to be related to my change as the current version in Milky Way produces the same error (IOW the package currently in Milky Way is not rebuidable).
|
|
Services | Mail Service Issue | Security Issue | Very Low | High | Please "support" TLS 1.2 instead of requiring it for em... | Unconfirmed | |
Task Description
The requirement for TLS 1.2 in email effectively isolated us from internet, and yelling for change isn’t working even in communications with other free/libre system distributions and mailing lists related to free/libre software (both for software and for discussions related to the movement itself). :)
Many mailing lists at gnu.org, fsf.org, fsfla.org, libreplanet.org, and also in other free/libre system distributions aren’t accessible (e.g.: Trisquel).
|
|
Services | Flyspray Issue | Security Issue | Very Low | Low | After account confirmation, crypt: No salt parameter wa... | Unconfirmed | |
Task Description
After confirming the newly created account (typing the confirmation code, the passwoard and its confirmation, and clicking the button to continue), the following error appears:
Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in /srv/http/flyspray/includes/class.flyspray.php on line 656
The account login seems to work normaly.
|
|
Packages | Any | Security Issue | Medium | Medium | [cinepaint] unmaintained and unsupportable | In Progress | |
Task Description
Remove “cinepaint” package since it’s unmaintained and unsupportable. Also, it doesn’t contains any file format support in the latest version (previous version supported multiple file formats).
I suggest use Krita (or Gimp 2.10) to edit 16bit and 32bit file formats or convert with imagemagick/graphicsmagick.
$ pacman -Si cinepaint
Repository : community
Name : cinepaint
Version : 1:1.0.4-5
Description : Sophisticated graphics manipulation programm supporting > 8bit pictures
Architecture : x86_64
URL : http://www.cinepaint.org
Licenses : LGPL GPL MIT
Groups : None
Provides : None
Depends On : gtk2 openexr lcms libxpm fltk ftgl libxxf86vm
Optional Deps : python2: for python plug-ins
gutenprint: for print plug-ins
ghostscript: for pdf plug-ins
Conflicts With : None
Replaces : None
Download Size : 3.75 MiB
Installed Size : 13.91 MiB
Packager : Christian Hesse <arch@eworm.de>
Build Date : Thu 28 Apr 2016 05:17:05 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Packages | Any | Security Issue | Very High | Critical | [avahi] blacklist package since it's a zeroconf impleme... | In Progress | |
Task Description
Avahi is a zero-configuration networking implementation that contains critical security issues because mDNS operates under a different trust model than unicast DNS trusting the entire network rather than a designated DNS server, it is vulnerable to spoofing attacks by any system within the multicast IP range. Like SNMP and many other network management protocols, it can also be used by attackers to quickly gain detailed knowledge of the network and its machines. [0]
Since it violates the Hyperbola Social Contract , Avahi should be blacklisted.
|
|
Packages | Any | Security Issue | Medium | Medium | [openssh] CVE-2018-15919 | Researching | |
Task Description
Remotely observable behavior in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration (or “oracle”) as a vulnerability.’ https://security-tracker.debian.org/tracker/CVE-2018-15919
|
|
Packages | Any | Security Issue | Very Low | High | [octopi] requires su | Unconfirmed | |
Task Description
would it be possible to make it use sudo instead?
From what I know, sudo is safer. Let me know if you agree this is a problem.
|
|
Packages | Any | Security Issue | Very Low | Medium | [patch] CVE-2018-6951 - NULL pointer DoS | Assigned | |
Task Description
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a “mangled rename” issue.
https://security-tracker.debian.org/tracker/CVE-2018-6951
|
|
Packages | Any | Security Issue | Very Low | Medium | [qemu] Multiple CVE | Unconfirmed | |
Task Description
CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug https://www.openwall.com/lists/oss-security/2018/12/13/4
CVE-2018-16872 Qemu: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) https://www.openwall.com/lists/oss-security/2018/12/13/11
Patches included at above URLs.
|
|
Packages | Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Researching | |
Task Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation
https://security-tracker.debian.org/tracker/CVE-2019-2201
Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
|
|
Packages | Any | Security Issue | Very Low | Medium | Download debian-fixes instead of relying on external so... | Unconfirmed | |
Task Description
It happened already with minetest and again with prosody: When trying to build own packages with makepkg there are patches downloaded from the Debian-project. But the given HTTP(S)-sources are no longer available, concrete example within prosody to be found: https://deb.debian.org/debian/pool/main/p/prosody/prosody_0.10.2-1~bpo9+1.debian.tar.xz (not available)
Please don’t rely on those external sources when creating PKGBUILD-files or just give users the possibility for a secure and granted download. Therefore I cannot build prosody on my own now!
|
|
Packages | Any | Security Issue | Very Low | Critical | [unbound] Multiple CVEs | Assigned | |
Task Description
https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/
[Critical] https://security-tracker.debian.org/tracker/CVE-2019-18934
|
|
Packages | Any | Security Issue | Very Low | High | [tigervnc] Multiple CVE | Researching | |
Task Description
https://www.openwall.com/lists/oss-security/2019/12/20/2
“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”
|