|
Any | Privacy Issue | Very Low | Low | [purple-plugin-pack] Provides Napster support which is ... | Closed | |
Task Description
purple-plugin-pack provides access to Napster which is only useful with a single company and sever (as far as I could tell).
|
|
Any | Privacy Issue | Very Low | Medium | [certbot-dns-luadns] LuaDNS service depends in non-free ... | Closed | |
Task Description
According to their documentation:
In order to use LuaDNS service you’ll need a LuaDNS account and a Git repository.
Sign up for a free LuaDNS account here: https://api.luadns.com/signup
Currently we are supporting the following Git hosting services: > GitHub > Bitbucket
GitHub, as everybody knows, was acquired by Microsoft last year (2018) https://news.microsoft.com/2018/06/04/microsoft-to-acquire-github-for-7-5-billion/
And Bitbucket, like GitHub, is a centralized non-free git service.
There are other packages made for GitHub which haven’t been removed, but as you were deleting the certbot-dns-* packages that depended on a US-based DNS provider company, I thought you may wanted to know this.
|
|
Any | Privacy Issue | Very Low | Low | [github] check github-related packages | Closed | |
Task Description
We should check if the following packages run any non-free JS (like youtube-dl) or access a proprietary API:
- hub - python-pygithub - python2-pygithub
I haven’t check them, but they look fishy. Take it as a reminder, this is far from being urgent IMO.
|
|
Any | Privacy Issue | Very Low | Critical | [bleachbit] needs to be adapted to UXP applications | Closed | |
Task Description
The current version of BleachBit needs to be adapted so it can clean the new .cache/hyperbola/ directory.
|
|
Any | Privacy Issue | Medium | High | midori new Support for cross-browser web extensions | Closed | |
Task Description
Description: idk what to do with it i add the PKGBUILD but this new extension needs to be checked left or patched, https://git.hyperbola.info:50100/~team/packages/extra.git/plain/midori/PKGBUILD?h=rachad
Additional info: * package version(9.0)
important links to check: * https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions * https://github.com/midori-browser/core/issues/244
|
|
Any | Pull Request | Very Low | High | [firejail] update of 0.9.52 to 0.9.54 + support for UXP ... | Closed | |
Task Description
Description:
Hi guys, there have been minor changes in firejail, we have also published iceweasel-uxp. Given this case, here I publish the relevant updates of the files.
|
|
Any | Pull Request | High | High | [firetools] update of 0.9.50 to 0.9.52 + support for UX ... | Closed | |
Task Description
Description:
Hi guys, there have been minor changes in firetools GUI, we have also published iceweasel-uxp. Given this case, here I publish the relevant updates of the files.
|
|
Any | Replace Request | Low | Low | [appmenu-qt4] replace with appmenu-qt (qt5) | Closed | |
Task Description
“appmenu-qt4”[0][2] is a deprecated package (release in 2012)[1] and use qt4 unsupported/non-lts software[3], but “appmenu-qt5” not contains any release source code[2]
$ pacman -Si appmenu-qt4 Repository : community Name : appmenu-qt4 Version : 0.2.6-1 Description : Export Qt4 applications menus over D-Bus Architecture : x86_64 URL : https://launchpad.net/appmenu-qt Licenses : GPL Groups : None Provides : None Depends On : libdbusmenu-qt4 Optional Deps : None Conflicts With : appmenu-qt Replaces : appmenu-qt Download Size : 16.55 KiB Installed Size : 48.00 KiB Packager : Antonio Rojas arojas@archlinux.org Build Date : Tue 28 Feb 2017 05:59:31 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://launchpad.net/appmenu-qt (qt4) [1]:https://launchpad.net/appmenu-qt/+download [2]:https://launchpad.net/appmenu-qt5 [3]:https://en.wikipedia.org/wiki/Qt_5.6_LTS
|
|
Any | Replace Request | Low | Low | [botan*] remove unstable "botan" and rename ''botan1.10 ... | Closed | |
Task Description
Remove unstable “botan” and rename “botan1.10” to “botan-old-stable”[0]
$ pacman -Si botan
Repository : community
Name : botan
Version : 2.1.0-1
Description : Crypto library written in C++
Architecture : x86_64
URL : https://botan.randombit.net/
Licenses : BSD
Groups : None
Provides : None
Depends On : gcc-libs sh
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 1816.44 KiB
Installed Size : 7040.00 KiB
Packager : Alexander Rødseth <rodseth@gmail.com>
Build Date : Fri 21 Apr 2017 09:19:27 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si botan1.10
Repository : community
Name : botan1.10
Version : 1.10.13-1
Description : Crypto library written in C++ - old stable branch
Architecture : x86_64
URL : http://botan.randombit.net/
Licenses : BSD
Groups : None
Provides : None
Depends On : gcc-libs sh
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 1014.98 KiB
Installed Size : 3734.00 KiB
Packager : Felix Yan <felixonmars@archlinux.org>
Build Date : Fri 06 Jan 2017 06:48:59 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://botan.randombit.net/
|
|
Any | Replace Request | Very High | Critical | [dnscrypt-proxy] update package to 2.x following backpo ... | Closed | |
Task Description
Since DNSCrypt-Proxy project has been abandoned [0] , DNSCrypt-Proxy 2 [1] should be used as its source replacement, however DNSCrypt-Proxy 2 contains support for unsafe and dangerous for privacy protocols such as Google. [2] [3] [4] Also, it contains Google recommendation and support through its parental control servers and public resolvers lists [5] [6]
Therefore DNSCrypt-Proxy 2 requires be re-forked by us first to follow our social contract.
|
|
Any | Replace Request | Very High | Critical | [kernel-firmware] split out firmware projects from linu ... | Closed | |
Task Description
Since Linux 4.14, the in-tree kernel firmware was dropped[0][1], and Hyperbola uses linux-libre-lts-firmware from 4.9 which still supports that firmware.
However, I’d like to request upgrading to the new libre replacement of linux-firmware.git: linux-libre-firmware[2][3].
This version has no LTS releases (well, firmwares commonly don’t have LTS versions and the in-tree firmware was always the same in post-4.9 generations), but it has the same firmwares as Linux-libre-lts plus some others.
This is the list of firmware files in linux-libre-lts-firmware and its dependencies:
linux-libre-lts-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
ath9k-htc-firmware
---
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
openfwwf
---
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
And here are the firmware files of the new linux-libre-firmware:
linux-libre-firmware
---
/usr/lib/firmware/av7110/bootcode.bin
/usr/lib/firmware/b43-open/b0g0bsinitvals5.fw
/usr/lib/firmware/b43-open/b0g0initvals5.fw
/usr/lib/firmware/b43-open/ucode5.fw
/usr/lib/firmware/carl9170-1.fw
/usr/lib/firmware/cis/3CCFEM556.cis
/usr/lib/firmware/cis/3CXEM556.cis
/usr/lib/firmware/cis/COMpad2.cis
/usr/lib/firmware/cis/COMpad4.cis
/usr/lib/firmware/cis/DP83903.cis
/usr/lib/firmware/cis/LA-PCM.cis
/usr/lib/firmware/cis/MT5634ZLX.cis
/usr/lib/firmware/cis/NE2K.cis
/usr/lib/firmware/cis/PCMLM28.cis
/usr/lib/firmware/cis/PE-200.cis
/usr/lib/firmware/cis/PE520.cis
/usr/lib/firmware/cis/RS-COM-2P.cis
/usr/lib/firmware/cis/SW_555_SER.cis
/usr/lib/firmware/cis/SW_7xx_SER.cis
/usr/lib/firmware/cis/SW_8xx_SER.cis
/usr/lib/firmware/cis/tamarack.cis
/usr/lib/firmware/dsp56k/bootstrap.bin
/usr/lib/firmware/htc_7010.fw
/usr/lib/firmware/htc_9271.fw
/usr/lib/firmware/isci/isci_firmware.bin
/usr/lib/firmware/keyspan_pda/keyspan_pda.fw
/usr/lib/firmware/keyspan_pda/xircom_pgs.fw
/usr/lib/firmware/usbdux_firmware.bin
/usr/lib/firmware/usbduxfast_firmware.bin
/usr/lib/firmware/usbduxsigma_firmware.bin
It has openfwwf and ath9k-htc-firmware included, plus some others. If actual versions of Hyperbola don’t get the update at least consider it for future releases. You can get the new PKGBUILD[4] and its new build dependencies at Parabola’s abslibre.git libre tree[5]
The new dependencies are:
Sources:
[0] https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.14-Migrates-Out-FW [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38923a068c10fc36ca8f596d650d095ce390b85 [2] https://jxself.org/firmware/ [3] https://jxself.org/git/?p=linux-libre-firmware.git [4] https://git.parabola.nu/abslibre.git/tree/libre/linux-libre-firmware [5] https://git.parabola.nu/abslibre.git/tree/libre
Updated Note:
Since Linux-libre-firmware contains a lot of independent firmware, tools and assembly projects, it should be built from its official tarball separately and create a group called kernel-firmware to follow the our packaging guidelines. Tools and assembly projects shouldn’t be included in kernel-firmware since those ones are firmware dependencies.
|
|
Any | Replace Request | Very Low | Medium | [youtube-dl] replace avideo-lts with youtube-dl | Closed | |
Task Description
Please, replace avideo-lts with youtube-dl. avideo-lts haven’t seen any updates for almost a year and is probably abandoned. Also Stallman confirmed youtube-dl doesn’t execute any non-free JavaScript, so its inclusion doesn’t go against Social Contract.
|
|
Any | Replace Request | Defer | Critical | [bzr] replace deprecated GNU Bazaar to Brezy | Closed | |
Task Description
Description:
replace deprecated GNU Bazaar to Brezy for Canis Major
Additional info:
bzr 2.7.0-2
GNU Bazaar will be unmaintained (for now, there are only bug fixes)
GNU Bazaar only supports Python 2.
-
-
-
Note: It needs a provide: bazaar and brezy
Steps to reproduce:
|
|
Any | Replace Request | High | Critical | [python2] replace deprecated Python 2 to Tauthon | Closed | |
Task Description
Description:
replace deprecated Python 2 to Tauthon for Canis Major
Additional info:
Steps to reproduce:
|
|
Any | Replace Request | Medium | Medium | [hypervideo] stop the development of Hypervideo | Closed | |
Task Description
Description:
I used to be under the impression that youtube-dl executes proprietary JavaScript, but I now understand that it only *parses* the JavaScript to find the URL for some videos. It doesn’t actually run the JavaScript, so it’s not a freedom issue.
Youtube-dl only executes regular expressions [0][1][2]
you also remove the files that are just for testing [3][4][5][6][7] and when compiling the program with libretools the test files are not placed[8]
I have consulted with other programmers and we have reached the same conclusion. Youtube-dl does not execute JS non-free, it only extracts the JS to read through python the URL‘s of some videos.[9][10]
The issues that I see with youtube-dl are rather in their form of development because it changes at every moment
Additional info:
- [0]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L12
- [1]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L132
- [2]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/swfinterp.py#L391
- [3]: https://github.com/ytdl-org/youtube-dl/tree/master/test/swftests/
- [4]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_iqiyi_sdk_interpreter.py
- [5]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_jsinterp.py
- [6]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_swfinterp.py
- [7]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_youtube_signature.py
- [8]:
$ tree -d
.
├── bin
├── lib
│ └── python3.6
│ └── site-packages
│ ├── youtube_dl
│ │ ├── downloader
│ │ │ └── __pycache__
│ │ ├── extractor
│ │ │ └── __pycache__
│ │ ├── postprocessor
│ │ │ └── __pycache__
│ │ └── __pycache__
│ └── youtube_dl-2019.5.11-py3.6.egg-info
└── share
├── bash-completion
│ └── completions
├── doc
│ └── youtube_dl
├── fish
│ └── completions
├── licenses
│ └── youtube-dl
├── man
│ └── man1
└── zsh
└── site-functions
26 directories
- [9]: https://directory.fsf.org/wiki/Youtube-dl - [10]: https://github.com/fent/node-ytdl-core/issues/222
|
|
Any | Replace Request | Medium | High | [firejail] use firejail LTS | Closed | |
Task Description
Description:
Firejail developers since October 2018 have started building LTS versions of firejail[0], according to Packaging Guidelines we must use LTS versions of the packages if they are available.
Links:
[0]: https://github.com/netblue30/firejail/tree/LTSbase
|
|
Any | Security Issue | Very High | Critical | [gnome-mplayer] [gecko-mediaplayer] [gmtk] remove unsec ... | Closed | |
Task Description
Remove “gnome-mplayer”, “gecko-mediaplayer” and “gmtk” are unsecured/abandonware packages(released in 2014) “gecko-mediaplayer” uses deprecated/unsecured NPAPI[0] and XULRunner[1][2] apis
$ pacman -Si gnome-mplayer Repository : community Name : gnome-mplayer Version : 1.0.9-4 Description : A simple MPlayer GUI. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gnomemplayer Licenses : GPL Groups : None Provides : None Depends On : mplayer dbus-glib libnotify gmtk Optional Deps : None Conflicts With : None Replaces : None Download Size : 343.29 KiB Installed Size : 1461.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:45:38 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si gecko-mediaplayer Repository : community Name : gecko-mediaplayer Version : 1.0.9-3 Description : Browser plugin that uses gnome-mplayer to play media in a web browser. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gecko-mediaplayer Licenses : GPL Groups : None Provides : None Depends On : gnome-mplayer>=1.0.9 dbus-glib gmtk curl Optional Deps : None Conflicts With : None Replaces : None Download Size : 80.92 KiB Installed Size : 598.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:36:31 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Si gmtk Repository : community Name : gmtk Version : 1.0.9-3 Description : Common functions for gnome-mplayer and gecko-mediaplayer. Architecture : x86_64 URL : https://sites.google.com/site/kdekorte2/gmtk Licenses : GPL Groups : None Provides : None Depends On : glib2 gtk3 dconf Optional Deps : None Conflicts With : None Replaces : None Download Size : 73.85 KiB Installed Size : 246.00 KiB Packager : Balló György <ballogyor+arch@gmail.com> Build Date : Sun 22 Jan 2017 04:50:49 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap [1]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [2]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | Very High | Critical | [freewrl] remove unsecure "libFreeWRLplugin.so" | Closed | |
Task Description
Remove “libFreeWRLplugin.so”, uses deprecated/unsecure NPAPI[0] and XULRunner[1][2] apis
$ pacman -Si freewrl Repository : community Name : freewrl Version : 1:2.3.3-1 Description : VRML viewer Architecture : x86_64 URL : http://freewrl.sourceforge.net/ Licenses : GPL Groups : None Provides : None Depends On : java-runtime libxaw glew freeglut curl freetype2 imlib2 sox unzip imagemagick libxml2 ttf-bitstream-vera lesstif js185 glu openal
freealut
Optional Deps : None Conflicts With : None Replaces : None Download Size : 583.49 KiB Installed Size : 2060.00 KiB Packager : Sergej Pupykin <pupykin.s+arch@gmail.com> Build Date : Mon 19 Dec 2016 10:31:49 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ sudo pacman -Ql freewrl freewrl /usr/ freewrl /usr/bin/ freewrl /usr/bin/freewrl freewrl /usr/bin/freewrl_msg freewrl /usr/bin/freewrl_snd freewrl /usr/include/ freewrl /usr/include/FreeWRLEAI/ freewrl /usr/include/FreeWRLEAI/EAIHeaders.h freewrl /usr/include/FreeWRLEAI/EAI_C.h freewrl /usr/include/FreeWRLEAI/GeneratedHeaders.h freewrl /usr/include/FreeWRLEAI/X3DNode.h freewrl /usr/include/libFreeWRL.h freewrl /usr/lib/ freewrl /usr/lib/libFreeWRL.so freewrl /usr/lib/libFreeWRL.so.2 freewrl /usr/lib/libFreeWRL.so.2.3.3 freewrl /usr/lib/libFreeWRLEAI.so freewrl /usr/lib/libFreeWRLEAI.so.2 freewrl /usr/lib/libFreeWRLEAI.so.2.3.3 freewrl /usr/lib/mozilla/ freewrl /usr/lib/mozilla/plugins/ freewrl /usr/lib/mozilla/plugins/libFreeWRLplugin.so freewrl /usr/lib/pkgconfig/ freewrl /usr/lib/pkgconfig/libFreeWRL.pc freewrl /usr/lib/pkgconfig/libFreeWRLEAI.pc freewrl /usr/share/ freewrl /usr/share/applications/ freewrl /usr/share/applications/freewrl.desktop freewrl /usr/share/man/ freewrl /usr/share/man/man1/ freewrl /usr/share/man/man1/freewrl.1.gz freewrl /usr/share/pixmaps/ freewrl /usr/share/pixmaps/freewrl.png
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap [1]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [2]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | Very High | Critical | [xulrunner] unmaintained and unsupportable | Closed | |
Task Description
Remove “xulrunner”[0][1] is unsecure/abandonware package
$ pacman -Si xulrunner Repository : community Name : xulrunner Version : 41.0.2-10 Description : Mozilla Runtime Environment Architecture : x86_64 URL : http://wiki.mozilla.org/XUL:Xul_Runner Licenses : MPL GPL LGPL Groups : None Provides : None Depends On : gtk2 mozilla-common nss>3.18 libxt hunspell startup-notification mime-types dbus-glib libpulse libevent libvpx icu python2 Optional Deps : None Conflicts With : None Replaces : xulrunner-oss Download Size : 47.38 MiB Installed Size : 171.99 MiB Packager : Evangelos Foutras evangelos@foutrelis.com Build Date : Wed 26 Apr 2017 03:10:07 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://hearsum.ca/blog/mozilla-will-stop-producing-automated-builds-of-xulrunner-after-the-410-cycle.html [1]:https://tracker.debian.org/pkg/xulrunner
|
|
Any | Security Issue | High | High | [npapi-sdk] remove unsecure/deprecated package | Closed | |
Task Description
“npapi-sdk” (released in 2012) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-sdk Repository : extra Name : npapi-sdk Version : 0.27.2-1 Description : Netscape Plugin API (NPAPI) Architecture : any URL : https://bitbucket.org/mgorny/npapi-sdk Licenses : MPL Groups : None Provides : None Depends On : None Optional Deps : None Conflicts With : None Replaces : None Download Size : 15.77 KiB Installed Size : 67.00 KiB Packager : Ionut Biru ibiru@archlinux.org Build Date : Thu 25 Apr 2013 01:47:15 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [npapi-vlc] remove unsecured package | Closed | |
Task Description
“npapi-vlc” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-vlc Repository : community Name : npapi-vlc Version : 2.2.5-1 Description : The modern VLC Mozilla (NPAPI) plugin Architecture : x86_64 URL : https://code.videolan.org/videolan/npapi-vlc Licenses : GPL Groups : None Provides : None Depends On : gtk2 vlc Optional Deps : None Conflicts With : None Replaces : None Download Size : 69.96 KiB Installed Size : 287.00 KiB Packager : Timothy Redaelli timothy.redaelli@gmail.com Build Date : Tue 14 Feb 2017 12:27:08 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [nspluginwrapper] remove unsecure/deprecated package | Closed | |
Task Description
“nspluginwrapper” (released in 2011) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si nspluginwrapper Repository : multilib Name : nspluginwrapper Version : 1.4.4-3 Description : Cross-platform NPAPI compatible plugin viewer Architecture : x86_64 URL : http://nspluginwrapper.davidben.net/ Licenses : GPL Groups : None Provides : None Depends On : curl libxt lib32-libxt gcc-libs lib32-gcc-libs gtk2 lib32-gtk2 Optional Deps : None Conflicts With : None Replaces : None Download Size : 146.14 KiB Installed Size : 475.00 KiB Packager : Felix Yan felixonmars@gmail.com Build Date : Sat 12 Jul 2014 02:40:45 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [x2goplugin] remove unsecure package | Closed | |
Task Description
“x2goplugin” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si x2goplugin Repository : extra Name : x2goplugin Version : 4.1.0.0-1 Description : provides X2Go Client as QtBrowser-based Mozilla plugin Architecture : x86_64 URL : http://www.x2go.org Licenses : GPL2 Groups : None Provides : None Depends On : qt4 libcups nxproxy libssh libxpm Optional Deps : None Conflicts With : None Replaces : None Download Size : 1250.54 KiB Installed Size : 2761.00 KiB Packager : Andreas Radke andyrtr@archlinux.org Build Date : Wed 22 Feb 2017 12:42:48 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [djview] remove unsecure "nsdejavu.so" | Closed | |
Task Description
Remove “nsdejavu.so”, uses deprecated/unsecure NPAPI[0] api
$ sudo pacman -Si djview Repository : community Name : djview Version : 4.10.6-1 Description : Portable DjVu viewer and browser plugin Architecture : x86_64 URL : http://djvu.sourceforge.net/djview4.html Licenses : GPL Groups : None Provides : djview4 Depends On : qt5-base djvulibre libxkbcommon-x11 libsm Optional Deps : None Conflicts With : djview4 Replaces : djview4 Download Size : 535.79 KiB Installed Size : 1978.00 KiB Packager : Gaetan Bisson bisson@archlinux.org Build Date : Wed 04 May 2016 08:53:23 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ sudo pacman -Ql djview djview /usr/ djview /usr/bin/ djview /usr/bin/djview djview /usr/bin/djview4 djview /usr/lib/ djview /usr/lib/mozilla/ djview /usr/lib/mozilla/plugins/ djview /usr/lib/mozilla/plugins/nsdejavu.so djview /usr/share/ djview /usr/share/applications/ djview /usr/share/applications/djvulibre-djview4.desktop djview /usr/share/djvu/ djview /usr/share/djvu/djview4/ djview /usr/share/djvu/djview4/djview_cs.qm djview /usr/share/djvu/djview4/djview_de.qm djview /usr/share/djvu/djview4/djview_es.qm djview /usr/share/djvu/djview4/djview_fr.qm djview /usr/share/djvu/djview4/djview_ru.qm djview /usr/share/djvu/djview4/djview_uk.qm djview /usr/share/djvu/djview4/djview_zh_cn.qm djview /usr/share/djvu/djview4/djview_zh_tw.qm djview /usr/share/icons/ djview /usr/share/icons/hicolor/ djview /usr/share/icons/hicolor/32×32/ djview /usr/share/icons/hicolor/32×32/mimetypes/ djview /usr/share/icons/hicolor/32×32/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/64×64/ djview /usr/share/icons/hicolor/64×64/mimetypes/ djview /usr/share/icons/hicolor/64×64/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/scalable/ djview /usr/share/icons/hicolor/scalable/mimetypes/ djview /usr/share/icons/hicolor/scalable/mimetypes/djvulibre-djview4.svgz djview /usr/share/man/ djview /usr/share/man/man1/ djview /usr/share/man/man1/djview.1.gz djview /usr/share/man/man1/nsdejavu.1.gz
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [icedtea-web] remove unsecure "IcedTeaPlugin.so" | Closed | |
Task Description
Remove “IcedTeaPlugin.so”, it uses deprecated/unsecure NPAPI[0] apis
Note: this package contains “Java Web Start” and unsecured NPAPI plugin, it needs change package description and description on optional dependencies in “jre{7,8}-openjdk” packages.
$ pacman -Si icedtea-web Repository : extra Name : icedtea-web Version : 1.6.2-2.hyperbola1 Description : Free web browser plugin to run applets written in Java and an implementation of Java Web Start, without nonfree firefox support Architecture : x86_64 URL : http://icedtea.classpath.org/wiki/IcedTea-Web Licenses : GPL2 Groups : None Provides : java-web-start Depends On : java-runtime-openjdk desktop-file-utils Optional Deps : rhino: for using proxy auto config files Conflicts With : None Replaces : icedtea-web-java7 Download Size : 1525.55 KiB Installed Size : 2108.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Fri 26 May 2017 06:13:18 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql icedtea-web icedtea-web /usr/ icedtea-web /usr/bin/ icedtea-web /usr/bin/itweb-settings icedtea-web /usr/bin/javaws icedtea-web /usr/bin/policyeditor icedtea-web /usr/lib/ icedtea-web /usr/lib/mozilla/ icedtea-web /usr/lib/mozilla/plugins/ icedtea-web /usr/lib/mozilla/plugins/IcedTeaPlugin.so icedtea-web /usr/share/ icedtea-web /usr/share/applications/ icedtea-web /usr/share/applications/itweb-settings.desktop icedtea-web /usr/share/applications/javaws.desktop icedtea-web /usr/share/icedtea-web/ icedtea-web /usr/share/icedtea-web/bin/ icedtea-web /usr/share/icedtea-web/bin/itweb-settings icedtea-web /usr/share/icedtea-web/bin/javaws icedtea-web /usr/share/icedtea-web/bin/policyeditor icedtea-web /usr/share/icedtea-web/javaws_splash.png icedtea-web /usr/share/icedtea-web/lib/ icedtea-web /usr/share/icedtea-web/lib/IcedTeaPlugin.so icedtea-web /usr/share/icedtea-web/netx.jar icedtea-web /usr/share/icedtea-web/plugin.jar icedtea-web /usr/share/man/ icedtea-web /usr/share/man/man1/ icedtea-web /usr/share/man/man1/icedtea-web-plugin.1.gz icedtea-web /usr/share/man/man1/icedtea-web.1.gz icedtea-web /usr/share/man/man1/itweb-settings.1.gz icedtea-web /usr/share/man/man1/javaws.1.gz icedtea-web /usr/share/man/man1/policyeditor.1.gz icedtea-web /usr/share/pixmaps/ icedtea-web /usr/share/pixmaps/javaws.png
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | Medium | Medium | [cinepaint] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [midori] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [w3m] unmaintained and unsupportable | Closed | |
|
|
Any | Security Issue | Very High | Critical | [pam] pam_unix2 is orphaned and dead upstream | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wpa_supplicant] vulnerable to KRAK attack | Closed | |
|
|
Any | Security Issue | High | High | [podofo] vulnerable allows remote attackers to cause a ... | Closed | |
|
|
Any | Security Issue | High | High | [isync] needs update | Closed | |
|
|
Any | Security Issue | Medium | High | [blender] error invalid PGP keys | Closed | |
|
|
Any | Security Issue | Very High | Critical | [dillo] enable IPv6, SSL/TLS and threaded DNS support | Closed | |
|
|
Any | Security Issue | High | High | [busybox] CVE-2017-16544: autocompletion vulnerability | Closed | |
|
|
Any | Security Issue | Very High | Critical | [linux-libre-lts*] Meltdown & Spectre Vulnerability | Closed | |
|
|
Any | Security Issue | Very High | Critical | [libressl] add package as OpenSSL replacement and defau ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [avahi] blacklist package since it's a zeroconf impleme ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [electrum] JSONRPC vulnerability | Closed | |
|
|
Any | Security Issue | High | Critical | [irssi] IRSSI-SA-2018-02 Irssi Security Advisory | Closed | |
|
|
Any | Security Issue | High | Critical | [python2] heap-overflow vulnerability CVE-2018-1000030 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [mupdf] multiple security issues | Closed | |
|
|
Any | Security Issue | High | Critical | [geth] possible denial of service attacks "DoS Attack" | Closed | |
|
|
Any | Security Issue | Very Low | High | Iceweasel ESR request, | Closed | |
|
|
Any | Security Issue | Very High | Critical | [xen] multiple security issues: CVE-2018-10472, CVE-201 ... | Closed | |
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
|
|
Any | Security Issue | Very High | Critical | [wget] - GNU Wget Cookie Injection CVE-2018-0494 | Closed | |
|
|
Any | Security Issue | Very High | Critical | [networkmanager] CVE-2018-1111: DHCP client script code ... | Closed | |
|
|
Any | Security Issue | Very Low | Low | [gnupg-stable]: shall be upgraded to mitigate risks wit ... | Closed | |
|
|
Any | Security Issue | Very High | High | [gnupg] CVE-2018-12020 | Closed | |
|