|
Any | Freedom Issue | Medium | Low | [man-pages-zh_tw]: using kernel name without operating ... | Closed | |
Task Description
Description:
community/man-pages-zh_tw 1.6.3.1-1
Traditional Chinese Linux man pages
See: https://www.gnu.org/philosophy/words-to-avoid.html#Linux
|
|
Testing | Freedom Issue | Medium | Low | [iceweasel-uxp] Firefox is used on Private Browsing wit ... | Closed | |
Task Description
Description:
Private Browsing with Tracking Protection
When you browse in a Private Window, Firefox does not save:
visited pages
cookies
searches
temporary files
Firefox will save your:
bookmarks
downloads
Private Browsing doesn’t make you anonymous on the Internet. Your employer or Internet service provider can still know what page you visit. Tracking Protection
Some websites use trackers that can monitor your activity across the Internet. With Tracking Protection Firefox will block many trackers that can collect information about your browsing behavior.
Learn more about Private Browsing.
Firefox is named 3 times. Private Browsing link is broken
Additional info: * package version(s) : 52.9.0_20180601-3
Steps to reproduce: Open Private Browsing
|
|
Any | Freedom Issue | Medium | High | [xdg-utils] Remove nonfree apps | Closed | |
Task Description
Description:
xdg-utils package contains some non-free applications
Additional info:
$ pacman -Si xdg-utils
Repositorio : extra
Nombre : xdg-utils
Versión : 1.1.1-5
Descripción : Command line tools that assist applications with a variety of
desktop integration tasks
Arquitectura : any
URL : https://www.freedesktop.org/wiki/Software/xdg-utils/
Licencias : MIT
Grupos : Nada
Provee : Nada
Depende de : sh xorg-xset
Dependencias opcionales : kde-cli-tools: for KDE Plasma5 support in xdg-open
exo: for Xfce support in xdg-open
xorg-xprop: for Xfce support in xdg-open
pcmanfm: for LXDE support in xdg-open
perl-file-mimeinfo: for generic support in xdg-open
perl-net-dbus: Perl extension to dbus used in xdg-screensaver
perl-x11-protocol: Perl X11 protocol used in xdg-screensaver
En conflicto con : Nada
Remplaza a : Nada
Tamaño de la descarga : 54,40 KiB
Tamaño de la instalación : 303,00 KiB
Encargado : Andreas Radke <andyrtr@archlinux.org>
Fecha de creación : vie 20 ene 2017 16:12:57 -05
Validado por : Suma MD5 Suma SHA-256 Firma
Steps to reproduce:
$ cat /usr/bin/xdg-open | grep 'chromium'
BROWSER=x-www-browser:firefox:iceweasel:seamonkey:mozilla:epiphany:konqueror:chromium:google-chrome:$BROWSER
|
|
Any | Freedom Issue | Medium | Medium | [filesystem] Review of permissions | Unconfirmed | |
Task Description
Description: Packages leaves warnings about installation being within difference of the filesystem. So the package filesystem should get another review in time and warnings get therefore a solution.
|
|
Any | Implementation Request | Medium | Medium | [uzem][uzebox] add uzem emulator and uzebox firmware pa ... | Closed | |
Task Description
Add “uzem” emulator and “uzebox” firmware packages[0][1].
It’s a emulator and firmware for fully free 8bit game console.
[0]:http://belogic.com/uzebox/index.asp (no https found) [1]:https://github.com/Uzebox/uzebox
|
|
Any | Implementation Request | Medium | Medium | [octopi] [octopi-cachecleaner] [octopi-notifier] [octop ... | Closed | |
Task Description
Implement octopi, octopi-cachecleaner, octopi-notifier and octopi-repoeditor packages.
Octopi is a GUI for Pacman (Package Manager) tools, needed for desktop users[0][1].
Note: Those packages need patches to remove AUR support.
[0]:https://octopiproject.wordpress.com/ [1]:https://github.com/aarnt/octopi
|
|
Any | Implementation Request | Medium | Medium | [ncdu] add new package | Closed | |
Task Description
PKGBUILD
# $Id: PKGBUILD 187611 2016-08-26 15:44:01Z bisson $
# Contributor: lp76 <l.peduto@gmail.com>
# Contributor: Daenyth <Daenyth+Arch AT gmail DOT com>
# Maintainer: Gaetan Bisson <bisson@archlinux.org>
pkgname=ncdu
pkgver=1.12
pkgrel=1.hyperbola1
pkgdesc='Disk usage analyzer with an ncurses interface'
url='https://dev.yorhel.nl/ncdu'
license=('custom:MIT')
depends=('ncurses')
arch=('i686' 'x86_64')
validpgpkeys=('74460D32B80810EBA9AFA2E962394C698C2739FA')
source=("https://dev.yorhel.nl/download/${pkgname}-${pkgver}.tar.gz"{,.asc})
sha512sums=('20620dd79d2af878442769e097f13806f64f23875dcb85ebccd573a3de43aba5663d496049b64015d13f9a79d624298032c008ef61dfb6f61d8b12902b8dca12'
'SKIP')
build() {
cd "${srcdir}/${pkgname}-${pkgver}"
./configure --prefix=/usr
make
}
package() {
cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
install -Dm644 COPYING "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}
|
|
Any | Implementation Request | Medium | Medium | [searx] add new package | Closed | |
Task Description
Hi André, you could make an init for the searx search engine, it happens that I want to launch it from local to avoid being in searx.me or searx.riseup.net.
I have seen that there is a PKGBUILD in AUR [0]. I think it is necessary to make one with the init Openrc
[0]: https://aur.archlinux.org/packages/searx-py3/
|
|
Any | Implementation Request | Medium | Medium | [wine-stable] add package | Closed | |
Task Description
Add Wine stable version (2.x) as default Wine package.
|
|
Any | Implementation Request | Medium | Low | Scid vs. PC – PGN Reader/ChessBase | Closed | |
Task Description
http://scidvspc.sourceforge.net/
|
|
Any | Implementation Request | Medium | Low | Stockfish Chess Engine | Closed | |
Task Description
«Unlike most chess engines, Stockfish is open source (GPL license). That means you can read the code, modify it, contribute back, and even use it in your own projects.» I do not know if it is libre. If it is, together with Scid, Hyperbola is one step closer for every chess lover out there who also loves freedom! https://stockfishchess.org/
|
|
Any | Implementation Request | Medium | Low | [hunspell-pt-br] add new package | Closed | |
Task Description
Description: Add Brazilian Portuguese grammar, spelling and hyphenation checker to hunspell.
|
|
Any | Implementation Request | Medium | Low | [hyphen-pt-br] add new package | Closed | |
Task Description
Description: Add Brazilian Portuguese hyphenation to hunspell.
|
|
Stable | Implementation Request | Medium | Medium | [materia-theme] add package | Closed | |
Task Description
A Material-like flat theme for GTK+ 2/3, and GNOME shell, released under a GNU General Public Licence (GNU GPL) 2 and later.
|
|
Stable | Implementation Request | Medium | Critical | [strongswan] add new package | Closed | |
Task Description
Description:
Package strongSwan is missing. Can it please be added to relevant repository? The package’s presence is critical for using IKEv2 in VPN.
Additional info:
* Source: Please see added link
Steps to reproduce:
N/A
|
|
Testing | Implementation Request | Medium | Medium | linux-libre-lts-hypersec: New package with extra securi ... | Closed | |
Task Description
Description: Per a user request and to better secure the kernel, we can embed the cryptsetup and ciphers in the kernel. This would mean rather than exposed modules, they are built-in to the kernel and ready to use even without an intramfs.
To be embedded: ciphers aes, twofish, serpent; sha256, sha512 - and the necessary modules (don’t forget the block modes xts, lvm and cryptsetup …)
Additionally, we could include USB Guard and any other features that meet our social contract and security outlook.
|
|
Any | Privacy Issue | Medium | Medium | [meta] Investigate DuckDuckGo links for privacy | Closed | |
Task Description
As per a user report (https://forums.hyperbola.info/viewtopic.php?id=92), DDG is USA based search engine and is blocking Tor users (https://trac.torproject.org/projects/tor/ticket/23648). They are also using non-free JS on the default search.
It seems the best way to solve this is to use their “html” hidden service since it conceals the user IP, doesn’t block Tor users by default, and doesn’t need JS. https://3g2upl4pq6kufc4m.onion/html/
This will affect multiple applications that are currently using DuckDuckGo. The alternative is to remove it completely, but it still is a better option than Google et. all for privacy...
|
|
Any | Privacy Issue | Medium | High | midori new Support for cross-browser web extensions | Closed | |
Task Description
Description: idk what to do with it i add the PKGBUILD but this new extension needs to be checked left or patched, https://git.hyperbola.info:50100/~team/packages/extra.git/plain/midori/PKGBUILD?h=rachad
Additional info: * package version(9.0)
important links to check: * https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions * https://github.com/midori-browser/core/issues/244
|
|
Testing | Replace Request | Medium | Medium | [devtools] use artools as devtools replacement | Closed | |
Task Description
Replace “devtools” to “artools”[0][1]
[0]:https://github.com/artix-linux/artools [1]:https://git.archlinux.org/devtools.git
Notes: "artools" replaces "devtools" and "archiso"
without "systemd", but it is not a "libretools" replacement.
For now, "libretools" needs a "chroot" wrapper to use it.
|
|
Any | Replace Request | Medium | Medium | [hypervideo] stop the development of Hypervideo | Closed | |
Task Description
Description:
I used to be under the impression that youtube-dl executes proprietary JavaScript, but I now understand that it only *parses* the JavaScript to find the URL for some videos. It doesn’t actually run the JavaScript, so it’s not a freedom issue.
Youtube-dl only executes regular expressions [0][1][2]
you also remove the files that are just for testing [3][4][5][6][7] and when compiling the program with libretools the test files are not placed[8]
I have consulted with other programmers and we have reached the same conclusion. Youtube-dl does not execute JS non-free, it only extracts the JS to read through python the URL‘s of some videos.[9][10]
The issues that I see with youtube-dl are rather in their form of development because it changes at every moment
Additional info:
- [0]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L12
- [1]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/jsinterp.py#L132
- [2]: https://github.com/ytdl-org/youtube-dl/blob/master/youtube_dl/swfinterp.py#L391
- [3]: https://github.com/ytdl-org/youtube-dl/tree/master/test/swftests/
- [4]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_iqiyi_sdk_interpreter.py
- [5]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_jsinterp.py
- [6]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_swfinterp.py
- [7]: https://github.com/ytdl-org/youtube-dl/blob/master/test/test_youtube_signature.py
- [8]:
$ tree -d
.
├── bin
├── lib
│ └── python3.6
│ └── site-packages
│ ├── youtube_dl
│ │ ├── downloader
│ │ │ └── __pycache__
│ │ ├── extractor
│ │ │ └── __pycache__
│ │ ├── postprocessor
│ │ │ └── __pycache__
│ │ └── __pycache__
│ └── youtube_dl-2019.5.11-py3.6.egg-info
└── share
├── bash-completion
│ └── completions
├── doc
│ └── youtube_dl
├── fish
│ └── completions
├── licenses
│ └── youtube-dl
├── man
│ └── man1
└── zsh
└── site-functions
26 directories
- [9]: https://directory.fsf.org/wiki/Youtube-dl - [10]: https://github.com/fent/node-ytdl-core/issues/222
|
|
Any | Replace Request | Medium | High | [firejail] use firejail LTS | Closed | |
Task Description
Description:
Firejail developers since October 2018 have started building LTS versions of firejail[0], according to Packaging Guidelines we must use LTS versions of the packages if they are available.
Links:
[0]: https://github.com/netblue30/firejail/tree/LTSbase
|
|
Any | Security Issue | Medium | Medium | [cinepaint] unmaintained and unsupportable | Closed | |
Task Description
Remove “cinepaint” package since it’s unmaintained and unsupportable. Also, it doesn’t contains any file format support in the latest version (previous version supported multiple file formats).
I suggest use Krita (or Gimp 2.10) to edit 16bit and 32bit file formats or convert with imagemagick/graphicsmagick.
$ pacman -Si cinepaint
Repository : community
Name : cinepaint
Version : 1:1.0.4-5
Description : Sophisticated graphics manipulation programm supporting > 8bit pictures
Architecture : x86_64
URL : http://www.cinepaint.org
Licenses : LGPL GPL MIT
Groups : None
Provides : None
Depends On : gtk2 openexr lcms libxpm fltk ftgl libxxf86vm
Optional Deps : python2: for python plug-ins
gutenprint: for print plug-ins
ghostscript: for pdf plug-ins
Conflicts With : None
Replaces : None
Download Size : 3.75 MiB
Installed Size : 13.91 MiB
Packager : Christian Hesse <arch@eworm.de>
Build Date : Thu 28 Apr 2016 05:17:05 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Security Issue | Medium | High | [blender] error invalid PGP keys | Closed | |
Task Description
$ sudo pacman -S blender
resolviendo dependencias…
buscando conflictos entre paquetes…
Paquetes (20) alembic-1.7.1-1 blender-common-2.78.c-1.hyperbola4 blosc-1.11.3-1 ilmbase-2.2.0-2 intel-tbb-2017_20170226-1 libraw-0.18.2-1 libspnav-0.2.3-1 llvm-4.0.0-2
log4cplus-1.2.0-3 opencollada-1.6.45-1.hyperbola1 opencolorio-1.0.9-5 openexr-2.2.0-3.hyperbola2 openimageio-1.6.18-1.hyperbola1 openshadinglanguage-1.7.5-1.hyperbola1
opensubdiv-3.1.1-1 openvdb-3.2.0-2 ptex-2.1.28-1.hyperbola1 valgrind-3.12.0-2 zstd-1.1.4-1 blender-2.78.c-1.hyperbola4
Tamaño total de la descarga: 0,33 MiB
Tamaño total de la instalación: 567,26 MiB
:: ¿Continuar con la instalación? [S/n] s
:: Recibiendo los paquetes…
libspnav-0.2.3-1-x86_64 8,5 KiB 849K/s 00:00 [######################################################################] 100%
zstd-1.1.4-1-x86_64 283,3 KiB 199K/s 00:01 [######################################################################] 100%
blosc-1.11.3-1-x86_64 43,0 KiB 331K/s 00:00 [######################################################################] 100%
(20/20) comprobando las claves del depósito [######################################################################] 100%
(20/20) verificando la integridad de los paquetes [######################################################################] 100%
error: libspnav: signature from "Andrea Scarpino <me@andreascarpino.it>" is marginal trust
:: El archivo /var/cache/pacman/pkg/libspnav-0.2.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: zstd: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/zstd-1.1.4-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: blosc: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/blosc-1.11.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: no se pudo realizar la operación (paquete no válido o dañado)
Ocurrieron errores, por lo que no se actualizaron los paquetes
|
|
Any | Security Issue | Medium | Critical | [glusterfs] CVE-2018-1088: Privilege escalation via gl ... | Closed | |
Task Description
https://security-tracker.debian.org/tracker/CVE-2018-1088
http://openwall.com/lists/oss-security/2018/04/18/1
https://bugs.debian.org/896128
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Upstream patches: https://review.gluster.org/#/c/19899/1..2
Fixed in: https://github.com/gluster/glusterfs/releases/tag/v4.0.2
|
|
Any | Security Issue | Medium | High | [toxcore] vulnerability affecting versions < 0.2.3 | Closed | |
Task Description
Per toxcore official blog, there is a security issue that affects all versions prior to 0.2.3. Users IP will leak if they have public ToxID. https://blog.tox.chat/2018/04/security-vulnerability-and-new-toxcore-release/
|
|
Any | Security Issue | Medium | Medium | [openssh] CVE-2018-15919 | Closed | |
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
|
|
Any | Update Request | Medium | Medium | [youtube-viewer] update request to v3.7.9 | Closed | |
|
|
Any | Update Request | Medium | High | Make Knock patch for Linux-libre 4.14 LTS | Closed | |
|
|
Any | Update Request | Medium | Medium | [cups] update request | Closed | |
|
|
Any | Update Request | Medium | High | [php] is out of date/support | Closed | |
|
|
Testing | Bug Report | High | High | [sway] error while loading shared libraries | Closed | |
|
|
Testing | Bug Report | High | High | [sddm] error while loading shared libraries | Closed | |
|
|
Testing | Bug Report | High | High | [freerdp] error while loading shared libraries | Closed | |
|
|
Testing | Bug Report | High | High | [gnome-shell] error while loading shared libraries | Closed | |
|
|
Testing | Bug Report | High | High | [ksystemlog] error while loading shared libraries | Closed | |
|
|
Testing | Bug Report | High | High | [mutter] error while loading shared libraries | Closed | |
|
|
Any | Bug Report | High | High | [tlp] remove systemd support | Closed | |
|
|
Any | Bug Report | High | High | [sway] relies on systemd libraries | Closed | |
|
|
Stable | Bug Report | High | High | [elogind] /usr/lib/udev/rules.d/73-seat-late.rules not ... | Closed | |
|
|
Stable | Bug Report | High | High | [qemu] add missing libseccomp dependency | Closed | |
|
|
Any | Bug Report | High | High | [gnome-disk-utility] error while loading shared librari ... | Closed | |
|
|
Stable | Bug Report | High | High | [opencollada][openimageio][openshadinglanguage][ptex] s ... | Closed | |
|
|
Any | Bug Report | High | High | [filesystem] remove /etc/crypttab file | Closed | |
|
|
Stable | Bug Report | High | High | [php-fpm] service: No such file or directory | Closed | |
|
|
Any | Bug Report | High | High | [dhcp]: /etc/init.d/dhcpd failed to run | Closed | |
|
|
Any | Bug Report | High | High | [mate-session-manager] add elogind support | Closed | |
|
|
Any | Bug Report | High | High | [gvfs] add libelogind support | Closed | |
|
|
Stable | Bug Report | High | Critical | [vhba-module-lts] modprobe: ERROR: could not insert 'vh ... | Closed | |
|
|
Any | Bug Report | High | High | [lightdm] is running under foreground mode and causing ... | Closed | |
|