Packages

The audioplayer clementine uses interfaces for non-free services like Dropbox, Google Drive, OneDrive, Subsonic and VK.com regarding storage and accessing files. So of course the software is licensed under the GPL, therefore Copyleft and free, libre software in the first place, but is also using anti-features with those interfaces to mentioned unfree services later on.

So the proposal would be: Creating a fork with removing those interfaces or otherwise removal of the whole package.

The CGManager project has been deprecated in favor of using the kernel’s CGroup Namespace or lxcfs’ simulated cgroupfs.

See https://s3hh.wordpress.com/2016/06/18/whither-cgmanager/ for details.

Since certbot v0.22.0[0] there’s support for ACMEv2 and Wildcard. This is an important update since wildcard SSL certificates can make server security and maintaince easier by supporting all subdomains of a base domain.

Debian Stretch (stable) uses certbot 0.10.2 but there’s 0.23.0 in stretch-backports repository[1]. So I’d like to request an update or a backport of certbot and its dependencies.

These are the actual packages versions from Hyperbola and Arch:

• certbot (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
• python-acme (0.23.0-1) / Hyperbola version ⇒ (0.14.0-1) [x]
• python-configargparse (0.12.0-1) / Hyperbola version ⇒ (0.11.0-2) [=]
• python-parsedatetime (2.4-1) / Hyperbola version ⇒ (2.3-1) [x]
• python-pbr (4.0.2-1) / Hyperbola version ⇒ (3.0.0-1) [<]
• python-pytz (2018.4-1) / Hyperbola version ⇒ (2017.2-1) [<]
• python-zope-component (4.4.1-1) / Hyperbola version ⇒ (4.3.0-2) [=]
• python-zope-event (4.3.0-1) / Hyperbola version ⇒ (4.2.0-2) [=]

NOTE: packages marked with an “[x]” means that the pkg has Debian Stretch backports of the proposed updated version. The “[=]” means that Debian has no backports but uses the same version of the pkg as Hyperbola. The [<] means the Debian Version lower than Hyperbola’s Version.

The packages that may get the update should be only the ones marked with an [x], if we follow the Debian Stretch devel. If certbot gets the update, then the following Arch packages need to be added for obtaining wildcard certificates throught the DNS challenge:

• certbot-dns-cloudflare
• certbot-dns-cloudxns
• certbot-dns-digitalocean
• certbot-dns-dnsimple
• certbot-dns-dnsmadeeasy
• certbot-dns-luadns
• certbot-dns-nsone
• certbot-dns-rfc2136
• certbot-dns-route53

I ommited certbot-dns-google since it’s not compatible with the Hyperbola Packaging Guidelines.

[0] https://community.letsencrypt.org/t/certbot-0-22-0-release-with-acmev2-and-wildcard-support/55061
[1] https://packages.debian.org/search?keywords=certbot

Cataclysm-DDA contains a problematic license[0][1][2] for software.
Uses “Creative Commons Attribution-ShareAlike 3.0 Unported License”.

$ pacman -Si cataclysm-dda
Repository : community
Name : cataclysm-dda
Version : 0.C-3
Description : A post-apocalyptic roguelike.
Architecture : x86_64
URL : http://en.cataclysmdda.com/ Licenses : CCPL:by-sa
Groups : None
Provides : None
Depends On : ncurses lua
Optional Deps : sdl2_image: for tiles

                sdl2_ttf: for tiles
                freetype2: for tiles
                sdl2_mixer: for tiles

Conflicts With : None
Replaces : None
Download Size : 19.33 MiB
Installed Size : 53.32 MiB
Packager : Felix Yan felixonmars@archlinux.org Build Date : Mon 07 Dec 2015 03:14:02 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://github.com/CleverRaven/Cataclysm-DDA/blob/master/LICENSE.txt [1]:https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software [2]:https://www.gnu.org/licenses/license-list.html#ccbysa

Description:

• needs OpenRC init script (bzr serve), like [git] (git-daemon) and [subversion] (svnserve)

Additional info:

• bzr 2.7.0-2

Note: needs a provide: bazaar

Steps to reproduce:

• none

BlueGriffon contains support to nonfree “Extended Features”

$ pacman -Qi bluegriffon
Name            : bluegriffon
Version         : 2.3.1-2
Description     : The next-generation Web Editor based on the rendering engine of Firefox
Architecture    : x86_64
URL             : http://bluegriffon.org/
Licenses        : MPL  GPL  LGPL
Groups          : None
Provides        : None
Depends On      : alsa-lib  desktop-file-utils  dbus-glib  gtk2  gtk3  hunspell  mozilla-common  nss  libevent  libvpx  libxt  python2  startup-notification
Optional Deps   : None
Required By     : None
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 120.72 MiB
Packager        : Evangelos Foutras <evangelos@foutrelis.com>
Build Date      : Tue 25 Apr 2017 12:22:30 PM -03
Install Date    : Wed 08 Nov 2017 12:46:24 AM -03
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

Description:

Since Hyperbola follows the Init Freedom Campaign, systemd unit files removal is required or add OpenRC init scripts to replace it.

Additional info:
* package version(s)

community/backuppc 4.1.2-1 [installed]

   Enterprise-grade system for backing up Linux, Windows and MacOS PCs

* config and/or log files etc.

Additional info:

Steps to reproduce: install it

Description:

update package to v0.1.50 version

Note: Update [gegl] or Backport [gegl] and [gimp]
      https://issues.hyperbola.info/index.php?do=details&task_id=1052
      https://issues.hyperbola.info/index.php?do=details&task_id=1053
      https://issues.hyperbola.info/index.php?do=details&task_id=1054

Additional info:

babl 0.1.38-1.hyperbola1

$ pacman -Si babl
Repository      : extra
Name            : babl
Version         : 0.1.38-1.hyperbola1
Description     : Dynamic, any to any, pixel format conversion library
Architecture    : x86_64
URL             : http://gegl.org/babl/
Licenses        : LGPL3
Groups          : None
Provides        : None
Depends On      : glibc
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 237.72 KiB
Installed Size  : 734.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sun 31 Dec 2017 05:31:32 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

none

Avahi is a zero-configuration networking implementation that contains critical security issues because mDNS operates under a different trust model than unicast DNS trusting the entire network rather than a designated DNS server, it is vulnerable to spoofing attacks by any system within the multicast IP range. Like SNMP and many other network management protocols, it can also be used by attackers to quickly gain detailed knowledge of the network and its machines. [0]

Since it violates the Hyperbola Social Contract , Avahi should be blacklisted.

Description:

Ath9k wifi device not working, possibly bad compilation or issues with gcc

Additional info:
* package version(s)

- gcc-8.4.0-2
- ath9k-htc-firmware-1.4.0-8

* config and/or log files etc.

[    8.302952] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[    8.303011] usbcore: registered new interface driver ath9k_htc
[    8.303067] usb 1-1: Direct firmware load for ath9k_htc/htc_9271-1.4.0.fw failed with error -2
[    8.303073] usb 1-1: ath9k_htc: Firmware htc_9271.fw requested
[    8.623141] usb 1-1: ath9k_htc: Transferred FW: htc_9271.fw, size: 51008
[    9.683657] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[    9.683672] ath9k_htc: Failed to initialize the device

Steps to reproduce:

- Add wifi device with ath9k firmware, for example: TL-WN722N
- pacman -S ath9k-htc-firmware

References:

- https://bugzilla.kernel.org/show_bug.cgi?id=208251

Description:

• Add an Asterisk package capable of working without a graphical user interface. It’s common on servers and embedded devices that requires only interfaces like network (eg. SSH) or serial port to handle services.

Additional info:

• based on asterisk 14.4.0-1

Steps to reproduce:

• none

Require package: android-udev

* Add to /etc/udev/rules.d/51-android.rules

GROUP="uucp"

* Add the user to the group uucp

gpasswd -a username uucp

* Reboot

Package Information

$ pacman -Ql android-udev
android-udev /usr/
android-udev /usr/lib/
android-udev /usr/lib/udev/
android-udev /usr/lib/udev/rules.d/
android-udev /usr/lib/udev/rules.d/51-android.rules

Description:

• The Arch version of aMule from the snapshot used by Hyperbola comes with systemd support. Since Hyperbola follows the Init Freedom Campaign , systemd unit files removal is required or add OpenRC init scripts to replace it.

Additional info:
* package version(s)
* config and/or log files etc.

Repository      : extra
Name            : amule
Version         : 10983-2
Description     : An eMule-like client for ed2k p2p network
Architecture    : x86_64
URL             : http://www.amule.org
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : wxgtk  gd  geoip  libupnp  crypto++  boost-libs
Optional Deps   : None
Conflicts With  : None
Replaces        : None
Download Size   : 4.84 MiB
Installed Size  : 22.65 MiB
Packager        : Antonio Rojas <arojas@archlinux.org>
Build Date      : Mon 23 Jan 2017 08:36:47 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

/usr/lib/systemd/system/amuled.service is owned by amule 10983-2
/usr/lib/systemd/system/amuleweb.service is owned by amule 10983-2

Steps to reproduce:

• Install package.

Abiword supports the defunct AltaVista’s Babel Fish translator which queries are redirected to the main Yahoo! page.

...

build() {
  cd $pkgname-$pkgver
  ./configure --prefix=/usr \
    --enable-shared \
    --disable-static \
    --enable-clipart \
    --enable-templates \
    --enable-plugins="aiksaurus applix **babelfish** bmp clarisworks collab docbook \
                      eml epub freetranslation garble gdict gimp goffice grammar \
                      hancom hrtext iscii kword latex loadbindings mathview mht \
                      mif mswrite opendocument openwriter openxml opml ots paint \
                      passepartout pdb pdf presentation psion s5 sdw t602 urldict \
                      wikipedia wmf wml wordperfect wpg xslfo" \
    --enable-introspection
  sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
  make
}

...

Description: Tried with new compiled version of mumble no open and secured with SSL-certificate is reachable. Log within console:

qt.network.ssl: QSslSocket: cannot resolve SSL_CTX_set_options
qt.network.ssl: QSslSocket: cannot resolve SSL_session_reused
qt.network.ssl: QSslSocket: cannot resolve SSL_set_options
qt.network.ssl: QSslSocket: cannot resolve BN_is_word
qt.network.ssl: QSslSocket: cannot resolve SSL_in_init

<W>2021-08-23 01:00:18.814 QSslSocket: cannot call unresolved function sk_num

<W>2021-08-23 01:00:20.270 QSslSocket: cannot call unresolved function SSL_CTX_set_options

The aarch64-linux-gnu-linux-api-headers from [community] is compiled using the blobbed Linux kernel sources[0], and in Parabola it has been replaced with aarch64-linux-gnu-linux-libre-api-headers[1].
This issue is exactly the same as linux-api-headers, so it should be blacklisted and replaced using the Linux-libre source.

[0] https://git.archlinux.org/svntogit/community.git/plain/aarch64-linux-gnu-linux-api-headers/trunk/PKGBUILD

[1]https://git.parabola.nu/abslibre.git/commit/?id=acaa4ba9c0bc77deb6b77e4dad815f66c673d662

The aarch64-linux-gnu-linux-api-headers package from [community] compiles using the blobbed Linux kernel source[0], at Parabola it has been replaced with aarch64-linux-gnu-linux-libre-api-headers[1], since this issue is exactly the same as with linux-api-headers.

The solution is to simply compile using Linux-libre sources.

[0] https://git.archlinux.org/svntogit/community.git/plain/aarch64-linux-gnu-linux-api-headers/trunk/PKGBUILD

[1] https://git.parabola.nu/abslibre.git/commit/?id=acaa4ba9c0bc77deb6b77e4dad815f66c673d662