Hi,

Would be nice to add etherpad-lite to our pacman.

https://github.com/ether/etherpad-lite

https://aur.archlinux.org/packages/etherpad-lite/

Hello,

Could it be possible to add this package :

dmg2img

“A CLI tool to uncompress Apple’s compressed DMG files to the HFS+ IMG format”

https://aur.archlinux.org/packages/dmg2img/

License : GPL2

Thanks

Hello,

Could it be possible to add this package :

crunch

“A wordlist generator where you can specify a standard character set or a character set you specify and generate all possible combinations and permutations.”

https://aur.archlinux.org/packages/crunch/

License : GPL2

Thanks

Description:

• add new package

Additional info:

• https://github.com/coturn/coturn

Steps to reproduce:

• none

The IDE codelite is an excellent development environment, continuously updated, has a clear vision and active support.
Would be nice to have this one within the repositories in upcoming releases, perhaps 0.5?

This is a GnuPG-like unix program for encryption and signing that uses only quantum-computer-resistant algorithms:

  McEliece cryptosystem (compact QC-MDPC variant) for encryption
  Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures

Codecrypt is free software. The code is licensed under terms of LGPL3 in a good hope that it will make combinations with other tools easier.

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. Requires root privileges to connect to a camera.

CHDKPTP is part of CHDK project - a free software firmware add-on for Canon cameras. It enables controlling Canon cameras via the computer.

Attached is a modified iup PKGBUILD (Lua 5.3 build was removed as it failed to compile) and configuration files for chdkptp.

Code is available via svn:

$ svn co http://subversion.assembla.com/svn/chdkptp/trunk chdkptp

Copy chdkptp.sh and config.mk files to source tree then compile via make. chdkptp requires root privileges to connect to a camera.

Could it be possible to add :

awesome-terminal-fonts

to the repo please ?

https://www.parabola.nu/packages/community/any/awesome-terminal-fonts/ https://github.com/gabrielelana/awesome-terminal-fonts

Thanks

Description:

• Add an Asterisk package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

• based on asterisk 14.4.0-1

Steps to reproduce:

• none

Hello,

Could it be possible to add this package :

arm-linux-gnueabihf-gcc

“The GNU Compiler Collection (arm-linux-gnueabihf)”

Also requires :

arm-linux-gnueabihf-binutils (A set of programs to assemble and manipulate binary and object files)
arm-linux-gnueabihf-glibc (GNU C Library)

https://aur.archlinux.org/packages/arm-linux-gnueabihf-gcc/

License : GPL

Thanks

Hello,

Could it be possible to add this package :

accuraterip-checksum

“A C99 commandline program to compute the AccurateRip checksum of singletrack WAV files”

https://www.parabola.nu/packages/community/x86_64/accuraterip-checksum/

License : GPL

Thanks

Safe Eyes is a program to manage breaks in front of the computer. It has many features that help us adapt it to our needs.

Description:
Hyperbola has the following SPF implementations:
* libspf2
* perl-mail-spf
* perl-mail-spf-query

However, none of them work out of the box with postfix. There’s postfix-policyd-spf-perl, which uses one the current perl implementations (perl-mail-spf), takes no time to build and all the dependencies are already satisfied with Hyperbola’s packages

Here I made a PKGBUILD that’s compliant with the packaging standards:

pkgname=postfix-policyd-spf-perl
pkgver=2.011
pkgrel=1
pkgdesc='Postfix SPF policy engine, written in Perl'
arch=(i686 x86_64)
url='https://launchpad.net/postfix-policyd-spf-perl/'
license=(GPL)
depends=(perl-mail-spf perl-netaddr-ip perl-sys-hostname-long)
source=("https://launchpad.net/postfix-policyd-spf-perl/trunk/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('22fc00bf74912056a67e937a460ac1fd878f1cb1a3bfa7b19bc5f1e6bc1c36d815dcf8c945e818d242ed5e72a6295bb0e1569446e06b09aefb2842993b8016ba'
            'SKIP')
validpgpkeys=(E7729BFFBE85400FEEEE23B178D7DEFB9AD59AF1) # Scott Kitterman

package() {
  cd "${pkgname}-${pkgver}"

  install -Dm755 "${pkgname}" "${pkgdir}/usr/libexec/postfix/${pkgname}"
  install -Dm644 CHANGES INSTALL README -t "${pkgdir}/usr/share/doc/${pkgname}"
  install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

in the other hand, to give users the possibility of having more options, we could add pypolicyd-spf (AUR), which depends in pyspf (AUR) and other packages that Hyperbola has. In fact, ArchWiki talks about this implementation, but this might not be relevant.

Is that package worth using to generate every sentence of any kind?

Polygen:

• Package name: polygen{,-data}
• Release version: 1.0.6
• Release date: June 28, 2004
• Author(s): Alvise Spanò
• Written in: OCaml
• Licence(s): GPL-2
• Website(s): http://polygen.org/ (in Italian)
• Source code URL(s):
  • http://polygen.org/dist/polygen-1.0.6-20040628-src.zip
  • https://github.com/alvisespano/Polygen/ (alternative)
• Arch package URL(s):
  • https://aur.archlinux.org/packages/polygen/
  • https://aur.archlinux.org/packages/polygen-data/
• Arch package status: Not available on the offical repository, but available on AUR.
• Debian package URL(s):
  • https://packages.debian.org/stable/polygen
  • https://packages.debian.org/stable/polygen-data
• Debian package status: Available on the official repository.

Add “3proxy”[0] package

Useful for tor on ftp proxy[1]

[0]:https://github.com/z3APA3A/3proxy [1]:https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/FTP

I have installed multiple times Hyperbola, 4 times on 4 different notebooks.

What I have noticed is that the live ISO is quite huge in relation to the task that should be done. Namely. the live ISO shall at least contain some first packages, so that they do not need to be downloaded online.

Best would be if the live ISO can be copied straight and that system can run from ISO/DVD without having Internet. At least one simple graphical environment shall be included.

Further, I have noticed that there is only network instructions as HTML file.

I would rather call it installation-instructions.html to make it clear for people what it is. Or simply: INSTALL.html so that people understand what it is.

It says just network.html if I remember well.

Then there is absolutely no point or link or reference to the installation instructions.

Each time I got a network I had to go to either duckduckgo search engine or to hyperbola.info website and then I tried with lynx to find installation instructions.

It is not straight, not quite clearly in open, it is in Wiki, but that is quite hard to find.

We have to put ourselves in the shoes of those in need of free software. Millions of people need free software.

Many of us live in a developed western countries.

Yet millions of people in need of this software live in South America, Africa, Asia, Eastern Europe.

There are millions of students that could advance their study, and that could progress faster with free software.

In those countries Internet is often non-existent, universities may be located in poor network areas, Internet is being fetched by using mobile phones.

So if there is a live distribution, such shall at least contain basic software, which really can fit onto any DVD, and that as such can be copied on the computer without using Internet. Upgrades could be fetched by using Internet.

And there shall be clear reference, link or file about installation. There shall be no need to go to Internet to install the software.

Description:
Historically, Swiftweasel was a Firefox-based application built on XUL platform around 2007 and abandoned in 2010. It was optimized for several architectures using the following methods such as the Profile-Guided Optimization (PGO) and binary code optimization for computers with limited resources.

Since there are users encouraging us develop a Palemoon-based application , and Swiftweasel contains non-trademarked graphics and logos, we could port Swiftweasel to UXP platform as theme for Iceweasel-UXP.

Description:
Historically, Swiftdove was a Thunderbird-based application built on XUL platform around 2007 and abandoned in 2010. It was optimized for several architectures using the following methods such as the Profile-Guided Optimization (PGO) and binary code optimization for computers with limited resources.

Since FossaMail may potentially be revived on UXP in the future [0] and Swiftdove contains non-trademarked graphics and logos, we could port Swiftdove to UXP platform as theme for Icedove-UXP.

Patch for 4.9 : https://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

AUR : https://aur.archlinux.org/packages/linux-mptcp/

«Unlike most chess engines, Stockfish is open source (GPL license). That means you can read the code, modify it, contribute back, and even use it in your own projects.» I do not know if it is libre. If it is, together with Scid, Hyperbola is one step closer for every chess lover out there who also loves freedom!
https://stockfishchess.org/

So avatar uploading is not working well, and picture is getting minimized to nothing.

http://scidvspc.sourceforge.net/

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and RISC-V promises to be a great architecture example for low-power computers, laptops and embedded systems, also as ARM architecture replacement.

Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the RISC-V architecture (riscv64) with multilib support.

NOTE: RISC-V porting is focused only for Hyperbola GNU/Linux-libre .

This would ease their usage on other distros.

This addon works for any firefox based browser but not seamonkey based or this.

I wondered if you could implement the iceweasel one for Iceape.

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and the Power9-based Talos II promises to be a great architecture example for workstations and servers environments where Hyperbola is focused since is a fully free long-term support distribution.

Devices like this are the future of computing that Respects Your Freedom and for that reason it’s a high priority for Hyperbola port all packages for the POWER architecture (power64le).

NOTE: POWER porting is focused only for Hyperbola GNU/Linux-libre .

I don’t know if this is the best place for this, but I get stuck on the hardening the grub guide from libreboot,

https://libreboot.org/docs/gnulinux/grub_hardening.html

I wondered if there is anything different that needs to be done to get this part done:

gpg –homedir keys –detach-sign my.initramfs
gpg –homedir keys –detach-sign my.kernel
gpg –homedir keys –detach-sign libreboot_grub.cfg
gpg –homedir keys –detach-sign my.grubtest.cfg

it gives me a bunch of weird errors

Develop HyperBK (Hyper Berkeley Kernel), a BSD descendant kernel with GPL-compatible licenses preserved, non-compatible ones removed, and new code written under GPL-3 for HyperbolaBSD.

TODO:

• Download OpenBSD kernel source code from OpenBSD site → DONE

• Download LibertyBSD scripts to deblob and rebrand kernel from their scripts. → DONE

• Create a new project in Hyperbola Git called hyperbk. → DONE

• Push source to HyperBK’s project. → DONE

• Rebrand OpenBSD kernel to HyperbolaBSD with LibertyBSD scripts. → DONE

• Rebrand entire code (functions, variable, pointers, etc) under HyperbolaBSD → DONE

• Remove files under non GPL-compatible licenses → DONE

• Import code from another BSD systems under GPL-compatible licenses → IN PROGRESS

• Remove remaining nonfree files don't found from LibertyBSD scripts → IN PROGRESS

• Write new code under GPL-3 → IN PROGRESS

• Package HyperBK for HyperbolaBSD.

PATCHING NOTE

When the check concerns kernel, we obviously want to match with HyperbolaBSD.

Example of triplet check:	hyperbolabsd)
Example of uname -s check:	HyperbolaBSD)
Example of uname -r check:	0.1)
Example of C macro check:	defined(__HyperbolaBSD__)

After talking to Emulatorman, we think this would be a nice feature to add to our Hyperwiki to be able to subscribe to the original page in English to help tracking changing to the translated pages.
This implies to add the email notifications to the dokuwiki system

https://aur.archlinux.org/packages/linux-mptcp/

Kernel Patch for 4.9 :
http://multipath-tcp.org/patches/mptcp-v4.9-c88d1d56809e.patch

Compile :
https://multipath-tcp.org/pmwiki.php/Users/DoItYourself

Add Hyperbola branding to HyperTask such as HyperWiki and HyperForum for prolixity reasons.

The unfortunate reality is that x86 computers come encumbered with built-in low-level backdoors like the Intel Management Engine , as well as nonfree boot firmware. This means that users can’t gain full control over their computers, even if they install a free operating system such as Hyperbola GNU/Linux-libre .

Hyperbola is working hard to fix these issues and getting closer every day, but for the time being, this is why many current Respects Your Freedom (RYF) offerings are refurbished older devices.

For the future of free computing, we need support architectures that do not come with such malware pre-installed, and ARM A7/A53 promises to be a great architecture example for low-power computers, laptops and embedded systems.

NOTE: ARM porting is focused only for HyperbolaBSD .

purple-plugin-pack provides access to Napster which is only useful with a single company and sever (as far as I could tell).

We should check if the following packages run any non-free JS (like youtube-dl) or access a proprietary API:

- hub
- python-pygithub
- python2-pygithub

I haven’t check them, but they look fishy. Take it as a reminder, this is far from being urgent IMO.

The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.

By default, the ‘disable-publishing’ parameter in the [publish] section of avahi-daemon.conf is set to ‘no’, which can be seen in my opinion as a privacy issue as avahi broadcasts the hostname without the user’s consent even though this has been explicitly disabled in the settings of networkmanager.

Description:

• replace deprecated GNU Bazaar to Brezy for Canis Major

Additional info:

• bzr 2.7.0-2
• GNU Bazaar will be unmaintained (for now, there are only bug fixes)
• GNU Bazaar only supports Python 2.
• Python 2.7 is the end of the Python 2 line of development. [0]
• There never will be an official Python 2.8 release.
• Or use Tauthon (fork of Python 2.7) as dependency.

Note: It needs a provide: bazaar and brezy

Steps to reproduce:

• broken package

“appmenu-qt4”[0][2] is a deprecated package (release in 2012)[1] and use qt4 unsupported/non-lts software[3], but “appmenu-qt5” not contains any release source code[2]

$ pacman -Si appmenu-qt4
Repository : community
Name : appmenu-qt4
Version : 0.2.6-1
Description : Export Qt4 applications menus over D-Bus
Architecture : x86_64
URL : https://launchpad.net/appmenu-qt Licenses : GPL Groups : None
Provides : None
Depends On : libdbusmenu-qt4
Optional Deps : None
Conflicts With : appmenu-qt
Replaces : appmenu-qt
Download Size : 16.55 KiB
Installed Size : 48.00 KiB
Packager : Antonio Rojas arojas@archlinux.org Build Date : Tue 28 Feb 2017 05:59:31 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://launchpad.net/appmenu-qt (qt4)
[1]:https://launchpad.net/appmenu-qt/+download [2]:https://launchpad.net/appmenu-qt5 [3]:https://en.wikipedia.org/wiki/Qt_5.6_LTS

Description: Concurrent package ossp in version 1.3.2-15 has got dependencies to systemd, which is contradicting the whole distribution and the used INIT-system. Therefore my request to port this to OpenRC!

Additional info:
* package version(s) 1.3.2-15

https://github.com/loh-tar/wpa-cute/releases

I know there are plans to remove NetworkManager. I wondered if we could replace it in 0.4 with Wpa_Cute. seen in the above link.

I haven’t been able to compile it, but it has been updated as recent as 2018 december (stable)

or 2019 january. :)

WPA_GUI doesn’t seem to work well for me, it runs into weird errors when I start it. Long story short, I run into this issue with wpa_supplicant when i do it manually:

https://wiki.archlinux.org/index.php/Wpa_supplicant:

Password-related problems

wpa_supplicant may not work properly if directly passed via stdin particularly long or complex passphrases which include special characters. This may lead to errors such as failed 4-way WPA handshake, PSK may be wrong when launching wpa_supplicant.

In order to solve this try using here strings wpa_passphrase <MYSSID> «< “<passphrase>” or passing a file to the -c flag instead:

# wpa_supplicant -i <interface> -c /etc/wpa_supplicant/example.conf

In some instances it was found that storing the passphrase cleartext in the psk key of the wpa_supplicant.conf network block gave positive results (see [2]). However, this approach is rather insecure. Using wpa_cli to create this file instead of manually writing it gives the best results most of the time and therefore is the recommended way to proceed.
Problems with eduroam and other MSCHAPv2 connections

This is my issue with wpa_supplicant sadly... and I do not know how to workaround that without a GUI.

but Wpa_Supplicant_gui does not fix it either, it doesn’t even load properly on my other laptop.

It says it cannot get the status of wpa_supplicant when I load it.

This could be an issue if you get rid of NetworkManager for some users.

So yeah, please take a look at my request okay? Wait for 0.3 to be released to add this if possible. I know you guys are overworked, etc... and it doesn’t need to be done now anyhow. ;)

No root settings found in /etc/spacefm/ Setting a root editor in Preferences should remove this warning on startup. Otherwise commands run as root may present a security risk.
EXEC(/usr/share/applications/sakura.desktop)=sakura

I am not sure how much of a risk this is, I will set it at high for now, but feel free to change it to low if its not a huge issue.

This is same issue as on:
https://bugzilla.redhat.com/show_bug.cgi?id=1151273

The paths changed and trying to mount davfs file system defined in /etc/fstab fails with error: unknown file system davfs

To remedy, I made symlink in /sbin to mount.davfs

The transition of paths had to take that in account as many mounted remote disks failed after upgrade.

https://www.openwall.com/lists/oss-security/2019/12/20/2

“This is a security release to fix a number of issues that were found by Kaspersky Lab. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side.”

CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug
https://www.openwall.com/lists/oss-security/2018/12/13/4

CVE-2018-16872 Qemu: usb-mtp: path traversal by host filesystem
manipulation in Media Transfer Protocol (MTP)
https://www.openwall.com/lists/oss-security/2018/12/13/11

Patches included at above URLs.

Remotely observable behavior in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We understand that the OpenSSH developers do not want to treat such a username enumeration (or “oracle”) as a vulnerability.’ https://security-tracker.debian.org/tracker/CVE-2018-15919

Description: https://www.openwall.com/lists/oss-security/2020/02/24/5 https://www.bleepingcomputer.com/news/security/new-critical-rce-bug-in-openbsd-smtp-server-threatens-linux-distros/

Qualys Security Advisory

LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
OpenSMTPD listens on localhost only, by default, it does accept mail
from local users and delivers it to remote servers. If such a remote
server is controlled by an attacker (either because it is malicious or
compromised, or because of a man-in-the-middle, DNS, or BGP attack --
SMTP is not TLS-encrypted by default), then the attacker can execute
arbitrary shell commands on the vulnerable OpenSMTPD installation.

OpenSMTPD server (which accepts external mail) and send a mail that
creates a bounce. Next, when OpenSMTPD connects back to their mail
server to deliver this bounce, the attacker can exploit OpenSMTPD's
client-side vulnerability. Last, for their shell commands to be
executed, the attacker must (to the best of our knowledge) crash
OpenSMTPD and wait until it is restarted (either manually by an
administrator, or automatically by a system update or reboot).

would it be possible to make it use sudo instead?

From what I know, sudo is safer. Let me know if you agree this is a problem.

These two options could be enabled :

Kernel hacking → [*] Filter access to /dev/mem
[*] Filter I/O access to /dev/mem

Security options → [*] Restrict unprivileged access to the kernel syslog

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation

https://security-tracker.debian.org/tracker/CVE-2019-2201

Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388